Top 10 Sandboxes For Your Malware Analysis

1.) AMAaas:- It is an Android malware analysis platform. You can create your own private ID, or you can log in as an anonymous user. They provide an open platform for all users, who can be anonymous. The user ID is amaaas and the password is s4urc. You can upload applications only. There is no option to search by hash value. You can see publicly researched applications in the Dashboard.

URL: https://amaaas.com

What AMAaas gives and what they do:-

Hash value

General information

Android Version: Here they give full details of the application version.

Analysis Start Time: Here they give the starting time of the analysis, when they start analyzing the application.

Overall Analysis Duration: They give details of how long it took to do this work.

File Name

Static analysis

BASIC ANALYSIS: They provide basic information about the applications.

CODE FEATURES: They provide information about the source code of the applications.

API ANALYSIS: Descriptions of the APIs in the DEX file of an Android application.

Dynamic analysis

SDK and NDK Hooking: They provide runtime behaviors of the application.

Runtime String Extraction: They provide information extracted from a running application.

Malware analyzed by VirusTotal:

Here they analyze the application using VirusTotal. VirusTotal is a website. VirusTotal analyzes suspicious files, hash values, domains, IP addresses and URLs to detect types of malware.

2.) Any run:- This website is an online malware analysis sandbox. It performs only dynamic malware analysis. They also show public submissions. It comes in both paid and free versions. In the free version only the Windows 7 operating system works, and in the paid version you can analyze on Windows Vista, 7, 8 and 10. Only files and URLs are allowed for malware analysis. The website offers an extra advanced mode; in this mode you can change the network (proxy, VPN, FakeNet) and do more things. It is very easy to use for dynamic malware analysis. They give perfect and useful details.

URL: https://any.run/

What they provide:

Interactive access

A wide set of environment

Live process events data

IOCs in a convenient format

A large number of analyses

Extended IDS rule sets

Free version for community 

Account is necessary 

3.) Intezer Analyze:- Intezer Analyze performs automated malware analysis and provides clear insights into any suspicious file. The developer calls this Genetic Malware Analysis. It comes in both paid and free versions. It is very fast. It supports Windows, Linux and Android applications. It also scans files from VirusTotal.

Windows executable files: .exe, .dll, .sys – native x86, native x64 and .NET

Linux: native x86, native x64, ARM32, ARM64

Android: all applications

Does not support documents like .doc .ppt .xls .odt...

Hash values can also be searched

URL: https://analyze.intezer.com/#/analyze

4.) OPSWAT MetaDefender Cloud:- It is a public or private dynamic malware analysis service. They provide a search platform, and you can search only by URL, file, hash, domain, IP address or CVE.

Dynamic Analysis: They provide an isolated virtual environment.

The two operating systems supported by the OPSWAT sandbox on MetaDefender Cloud are:

Windows 7

Windows 10

No public submissions on the web interface. Cloud-based advanced threat prevention platform. Prevention and reputation APIs.

Vulnerability Scanning, Data Sanitization (CDR) and Multi-Scanning

Threat Intelligence data

High availability and auto-scale architecture

Flexible licensing and packaging

Developer-friendly REST API

Comprehensive security reports

URL: https://metadefender.opswat.com/

5.) Firmware:- It performs dynamic and static malware analysis. It is still in beta, which is why the performance is not good. Only files are accepted.

URL: http://firmware.re/

6.) Sndbox:- It is a malware analysis sandbox. You can upload a file of at most 100 MB. There is a search box on the home page where you can search by URL, IP address, file hash, tag or domain for malware analysis. An account is necessary to use this platform. They show public submissions for a better experience. It is a good platform for students. It does not work without registration. They provide a public or private platform.

They give: Overview of files, Static Analysis, Dynamic Analysis and Network Analysis.

All the details are very good. The best part is they provide the network analysis also.

URL: https://app.sndbox.com/upload/

7.) JOE Sandbox cloud:- Joe Sandbox Cloud detects and analyzes malicious files, URLs and hash values on Windows, Android, Mac OS, Linux, and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports. This website gives you access to the Community Edition of Joe Sandbox Cloud. It allows you to run a maximum of 30 analyses / month, 10 analyses / day on Windows, Linux and Android with limited analysis output. You choose your own analysis platform; if you want only static analysis, you can change the settings according to your convenience.

URL: https://www.joesandbox.com/

8.) Cuckoo:- It is a free malware analysis web server. Cuckoo is also available for Windows. Cuckoo detects and analyzes malicious files, URLs and hash values only. It is an open platform for the public.

What they provide after analysis:

Summary

Static analysis 

Dynamic analysis

Network analysis

Behavior 

Process memory

VM memory dumps: Process list, Code injection and Sockets.

URL: https://sandbox.pikker.ee/

9.) Hybrid analysis:- This is a free malware analysis service for all that detects and analyzes malicious files, URLs and hash values using a unique Hybrid Analysis technology. It is powered by Falcon Sandbox. They provide free services and also a private cloud, but the private cloud is not free. Their charge for the private cloud is 500 USD per month. In the free version only Windows 7 is supported. In their report you can view the risk summary and verdict. You can also check the public submissions.

URL: https://www.hybrid-analysis.com/

10.) Vicheck:- Advanced Detection Tools to Stop Malware. This is also a free malware analysis service for all that detects and analyzes malicious files, URLs and hash values. The maximum filesize for uploads is 29M. Image files are displayed with a preview. Some analysis results take time to generate depending on CPU load. Record the file hash code to use in other search/reporting utilities if desired.

My opinion: Hash values are not detected most of the time, so use the file for analysis.

URL: https://vicheck.ca/

8 Likes

Great stuff, thanks for sharing!