AIMA

Hypervisor-Based Automated/Interactive Malware Analysis System

Malwation AIMA is a hypervisor-based automated/interactive malware analysis system. AIMA facilitates the analysis of malware and automates the operations that need to be done during the classical analysis process, which saves time. It shows you the important details of malware thanks to its intelligent ML-based reputation engine and reporting system.

INTERACTIVE

AIMA optionally permits human interaction. When you upload a file to scan, you can access the sandbox machine via the AIMA interface, intervene in the analysis process and its results in real time, and customize the YARA rulesets.

INVISIBLE

AIMA's analysis engine is invisible and cannot be detected by malware. It bypasses all the evasion techniques of malware and deeply analyzes malware behavior. It records all the activities of malware on the system.

REPUTATION ENGINE

AIMA classifies malware functions according to their level of criticality, using its ML-based analysis and reputation engine. It determines where and how the related functions are used, and it identifies variants.

NETWORK ANALYSIS

AIMA captures and analyzes all network activity. It can decrypt encrypted traffic and find all malware-related content. It summarizes network traffic in detail and shows the domains and IP addresses used by malware.

HUMAN SIMULATION

If you use AIMA in fully automatic mode, the human simulation runs and bypasses the intuitive anti-analysis techniques of malware (such as action-based ones).

FLEXIBLE REPORTS

AIMA can create reports in many formats for more effective use by analysts, SOC and IR teams, and products that can be integrated.
