Responder Professional Malware Analyzer
CALL FOR SPECIAL GOVERNMENT PRICING
Provides memory forensics, malware detection, and software behavior identification
FDPro is included with Responder Professional
The Responder Professional Malware Analyzer provides the ultimate in Windows™ physical memory and automated malware analysis all integrated into one application for ease of use, streamlined workflow, and rapid results. The Professional platform is designed for Incident Responders, Malware Analysts, and Computer Forensic Investigators who require rapid results. Responder Professional provides powerful memory forensics and malware identification with Digital DNA™.
Malware analysis includes automated code disassembly, behavioral profiling reporting, pattern searching, code labeling, and control flow graphing. This is a huge step forward for the information security and computer forensic communities. Finally, these long-awaited capabilities are available to complement enterprise security best practices in the areas of host intrusion detection, computer forensics and security assessments.
Memory Analysis:
A great deal of information can be found in memory: malware, chat sessions, registry keys, encryption keys, socket information and more. Responder™ Professional provides an easy-to-use GUI for rapid recovery of this type of information. The GUI is designed to support investigation workflow, with no difficult command-line interface. Responder allows every investigator to be successful with minimal effort.
Types of information found in memory:
Operating System Information:
  Running processes
  Open files
  Network connections and listening ports
  Open registry keys per process
  Interrupt Descriptor Table
  System Service Descriptor Table
Application Information:
  Passwords in clear text
  Unencrypted data
  Instant messenger chat sessions
  Document data
  Web based email
  Outlook email
Malware Detection:
  Keystroke logging
  Rootkits & Trojans
Malware Detection with Digital DNA™:
Digital DNA is a revolutionary technology to detect advanced computer security threats within physical memory without relying on the Windows operating system, which cannot be trusted. All executable code residing in memory is scanned and ranked by level of severity based upon programmed behaviors. The Digital DNA Sequence appears as a series of Trait codes that, when concatenated together, describe the behaviors of each software module. Observed behavioral Traits are matched against HBGary’s “Malware Genome” database to classify digital objects as good, bad or neutral. Rules and weighting are applied to compute the overall Severity score. Users can see the underlying Trait descriptions to gain fast insight into software behaviors.
More computer crimes now involve malware as a method of gaining access to confidential information. The new face of malware is designed to never touch the disk and reside only in memory. Important delivery information, rootkit behavior and malware not detected by AV can be easily found using Professional. The Malware analysis module automatically generates a malware analysis report that provides a high-level overview of each binary’s possible capabilities, broken out into 6 different factors:
Installation and Deployment Factors
Communication Factors
Information Security Factors
Defensive Factors
Development Factors
Command and Control Factors
Malware Reverse Engineering:
Designed to augment automated malware analysis. Sometimes the automated malware analysis will not provide the granular insight required for a sophisticated understanding of code. HBGary includes these easy-to-use features as a means of getting more information visually. Control Flow Graphing provides rapid understanding of complex code execution paths, code loops and calls. Pro includes many of the features found in IDA and OllyDbg, such as labeling and code view.
Reporting
A flexible reporting module is built in for ease of use so you can quickly deliver the information in a succinct manner to attorneys, management or clients. Reports can be exported to CSV, PDF, RTF and other industry standards.
Responder Pro Screenshot:
Tree view and all processes view:
Exfiltration routine and file types:
Command line closeup:
6 REASONS YOU NEED RESPONDER PRO:
Current Detection is not Enough: New malware is breaking through undetected every day.
Cybercrime is exploding: Companies are increasingly at risk.
Malware Evolution: Malware has evolved over the past ten years, and new methods are urgently required.
Speed of Analysis: Software speeds containment, elimination and data protection.
Physical RAM analysis: RAM must be analyzed to verify system integrity.
Application Software: Responder Pro is extremely easy to install and to use.
*About Digital DNA™
Without relying on the operating system which itself may be subverted, Digital DNA™ uses automated physical memory analysis to reveal all running software and their underlying behaviors to flag malware and suspicious binaries. Malware threats are automatically detected and displayed on the dashboard console. These malware behavioral traits provide quick threat metadata — critical threat intelligence needed to protect today’s enterprise systems against advanced targeted and unknown attacks.
Digital DNA™ is currently deployed at Fortune 500 corporations and leading government agencies.
Digital DNA for Responder Pro Annual Subscription: $2,000.00 (Required for Responder Pro).
Software License | $10,200.00
GSA Software License | $9,180.00
Annual Maintenance | $2,040.00
GSA Annual Maintenance | $1,836.00
Digital DNA Annual Subscription | $2,000.00
GSA Digital DNA Annual Subscription | $1,800.00