allows the automated unpacking and classification of malware into families.
Based on the same ideas and algorithms that made zynamics BinDiff great, zynamics VxClass can structurally compare executables and thus ignore byte-level changes such as instruction reordering or string obfuscation. Small changes in the code or changed compiler settings will not fool zynamics VxClass.
It's easy: Upload a piece of malware, and zynamics VxClass will first remove the executable crypters from it. Our automated unpacker handles most packers automatically. zynamics VxClass then analyzes and compares the uploaded executable to the database of stored malware, and provides a simple similarity metric that can tell you whether the program is related to a piece of known malware.
Classify malware in three easy steps: