ReversingLabs Insights™

RLI v8.0.2 Release Highlights

Dynamic and Network Analysis

  • VMRay Sandbox solution integrated with RLI, offering a simplified setup process to forward files and receive results inside RLI, increasing triage productivity with additional dynamic metadata

Maintenance & Operations

  • McAfee GW Edition (Online) Antivirus name changed to Skyhigh Anti-Malware in the User Interface
  • Security compliance updates in v8.0.2 include an update to Solr v9.1.1
  • Quality improvements through a number of prioritized defect fixes, including:
    • Improved Process Tree section on Sample Summary PDF for RL Cloud Sandbox macOS analysis
    • Improved delete action when the "select all samples" option is used

RLI v8.0.1 Release Highlights

Dynamic and Network Analysis

  • Increased sample size limit to 400 MB for analysis by ReversingLabs Cloud Sandbox and other integrated dynamic analysis solutions (CAPE, Cuckoo, Joe Sandbox), expanding the number of files that can be analyzed and providing additional metadata for larger files

Workflows

  • New MITRE ATT&CK technique pivot links added to the Sample Summary MITRE ATT&CK tab to simplify searching for techniques of interest

Maintenance & Operations

  • Quality improvements through a number of prioritized defect fixes, including:
    • Propagation of File Threat Intelligence analysis to Sample Summary page
    • Improvements on Process Tree data from ReversingLabs Cloud Sandbox
    • Display of Behavior metadata on ReversingLabs Cloud Sandbox for macOS detonation
    • Improvements on antivirus detections pivot links
  • Security compliance updates in v8.0.1 include a number of updates for backend services and encryption of credentials

RLI v8.0 Release Highlights

Dynamic and Network Analysis

  • Network Threat Intelligence IP Analysis information is now shown on the URL summary page. Data is retrieved from TitaniumCloud dynamically upon page load, providing users with more efficient and richer triage capabilities with coverage from the full RL data corpus. IP threat intelligence contains a list of top threats, IP reputation from various reputation sources, statistics for downloaded files including maliciousness, and a list of related URLs and domains
  • RL Cloud Sandbox:
    • Additional statuses are shown during the upload and detonation of files sent to dynamic analysis, offering users better feedback during the analysis process and helping them troubleshoot potential infrastructure bottlenecks.
    • When sending files for static analysis, Historic Reports from past RL Cloud Sandbox analyses are now shown during processing on the Sample Summary page. This benefits users by providing immediate insights from the RL data corpus and offering richer investigations without spending additional RL Cloud Sandbox quota.
    • Snort & Sigma rules are now supported, detecting all suspicious/malicious behavior during an RL Cloud Sandbox analysis using those rules. This metadata is important for malware detection and identification purposes, as it tells users when malicious behavior has been detected during execution at the network or OS log level, which cannot be extracted from static analysis alone.

Workflows

  • Improved search capabilities:
    • Automatic navigation to Sample Summary page is now enabled when users input single hashes or URLs inside the search box, offering a more efficient way to investigate an interesting hash or URL.
    • Domain and IP Search pages are now shown when users search for a single Domain or IP, providing Network Threat Intelligence data for that Domain/IP above the search results. This functionality provides immediate insights from the RL data corpus, increasing network analysis efficiency.
    • Tooltip for failed analyses added to the search grid, offering additional information previously visible only on the Submissions page.
    • Search filters have been rearranged and are now located above the Search input field, offering users easier access and more efficient use.
  • Updated Sample Summary PDF report to be uniform with the RLI user interface view, improving the presentation of the Report Summary widget and all File Analysis Detail sections.
  • Improved upload file limit pop-up message, offering a tailored SaaS solution from the ReversingLabs portfolio that can be used to upload files up to 10 GB in size

Maintenance & Operations

  • The underlying operating system was upgraded to Rocky Linux 8, improving system stability, performance and security compliance
  • Quality improvements through a number of prioritized defect fixes

For detailed release information, please see the full release notes on the ReversingLabs Customer Portal (login required).