Many automated malware analysis sandboxes exist on the market today, but they all suffer from the fundamental flaw of being based on virtualization or emulation. Because they differ from ordinary computers, malware can detect their presence and change their behavior. Some solutions go to great lengths to attempt to hide the fact that they are not real computers, but they cannot be perfect and are often playing a game of catch-up to keep up with the latest evasion techniques. With Binary Guard's TBMTM Sandboxes, there is nothing to hide because our sandboxes are real computers.
It only takes one sophisticated malware to sneak past your defenses to wreak havoc. Don't settle for false negatives. Add TBMTM Cloud Sandbox to your malware analysis arsenal.
Need to automate? We've got you covered. Our REST API allows you to submit samples for processing and retrieve the same data seen in the interactive reports (see below) in easily parsed JSON.
TBMTM Cloud Sandbox's comprehensive, interactive reports provide the most important information up front so you don't have to dig through pages of data to find the data you are looking for. But detail is important too, so we made very detailed data easily accessible through interactive expansions and searches. Here are some highlights from our reports.
Zero in on API hooks down to the trampoline and detour. You can even download the injected code and load it right into your favorite disassembler.
Feature | TBM Basic BETA | TBM Pro | TBM Corporate |
---|---|---|---|
Analyze files (executables, documents, etc.) | Yes | Yes | Yes |
Support for compressed/passworded files | Yes | Yes | Yes |
Analyze URLs for drive-by attacks | Yes | Yes | Yes |
Easy-to-understand Indicators | Limited | Yes | Yes |
Video of session | Yes | Yes | Yes |
Screenshots | Yes | Yes | Yes |
Interactive tree of sample-related processes | Yes | Yes | Yes |
Static analysis on the sample analyzed | Yes | Yes | Yes |
Network activity report | Yes | Yes | Yes |
Machine-learning maliciousness score | - | Yes | Yes |
Private submissions | - | Yes | Yes |
Configurable analysis duration | - | Yes | Yes |
Download/view dropped/deleted files | - | Yes | Yes |
Static analysis on dropped/deleted files | - | Yes | Yes |
List of running processes | - | Yes | Yes |
Process injection report | - | Yes | Yes |
Mutant report | - | Yes | Yes |
Network ports opened | - | Yes | Yes |
Downloadable PCAP | - | Yes | Yes |
Searchable/sortable list of all registry actions | - | Yes | Yes |
Searchable/sortable list of all filesystem actions | - | Yes | Yes |
Device driver report | - | Yes | Yes |
Change or disable Internet connectivity | - | Yes | Yes |
REST API | - | - | Yes |
Custom OS images | - | - | Yes |
Multiple user accounts | - | - | Yes |
Customizable interface branding | - | - | Yes |
Terms of Service | Non-commercial use only | Conditional commercial use1 | Unlimited commercial use |
Support | Priority Phone/Email | ||
Pricing | Free (register now) | Contact us or request free trial |
Contact us or request free trial |