CAMAL brochure can be downloaded from HERE.
CAMAL online can be accessed from HERE.
COSEINC Automated Malware Analysis Lab (CAMAL) represents the cutting edge in malware analysis research. Its next generation malware analysis engine provides an integrated platform to analyze both dynamic and static profiles of malware.
CAMAL uses virtual machines to isolate running instances of malware. This enables the analysis to be carried out in a safe and secure
With proprietary monitoring technologies, CAMAL is able to accurately track the malware's interactions with the operating system and network, including botnet
The automated analysis process starts by submitting the malware to CAMAL. No further user interaction is needed while the malware is being examined. Upon completion, the analysis report can be downloaded from CAMAL.
- Cutting edge analysis engine
- Web interface for easy management
- Database storage for analyzed malware
- Generates reports for analyzed malware
- Appliance based solution that works out of the box
- Complete packet capture
- Protocol dissection with support for HTTP, SMTP, FTP, DNS and P2P traffic
- Traffic tracking
- Dynamic binary emulation
- Static binary inspection including packers and file headers
- Track file system changes
- Track registry changes
- Malware classification using a supported antivirus engine
Modern malware propagates by exploiting vulnerabilities in applications that process electronic document files (such as PDF, DOC, PPT and XLS). Current security solutions are unable to effectively mitigate this threat when the exploited vulnerabilities are 0-day and unknown to the public.
D-Analyzer aims to provide a revolutionary solution to this problem. By using various cutting edge analysis and sandboxing methods, D-Analyzer is able to determine if an exploit is embedded within a document file.
This is done by monitoring the application that opens the file for signs of exploitation, and does not rely on any fixed signature set. Doing so enables D-Analyzer to detect even 0-day exploits that reside in the file. Running the analysis in a sandbox environment also ensures that the exploit or malware will not infect the machine that is running the analysis.
- Detects exploits for unknown and 0-day vulnerabilities
- Analysis engine has no file format dependency
- Intuitive GUI that allows easy file scanning
- Batch job that allows bulk scanning of suspicious files
OptiCODE can be accessed from HERE.
Modern malware uses many obfuscation techniques to make its code more difficult for malware analysts to understand, in the hope of preventing attempts to reverse engineer it. Unfortunately, malware analysts are still reversing such nasty code manually, since there are no reliable tools to help with this problem.
OptiCode is our answer to this issue. Our tool uses highly advanced compiler techniques to automatically find and remove the obfuscated sections, then presents the cleaned code to the users.
OptiCode is very user-friendly. It supports both 32-bit and 64-bit Intel platforms. Users can also choose to use it through a Web interface or as an IDA plugin.
- Automatically deobfuscates machine-level code for malware analysts
- Friendly and easy to use
- Available as Web-based tool & IDA plugin
- Supports Intel 64-bit and 32-bit