Search

VirusTotal MultiSandbox += Yoroi: Yomi sandbox

We are excited to welcome Yomi: The Malware Hunter from Yoroi to the mutisandbox project. This brings VirusTotal upl to seven integrated sandboxes, in addition to VT’s own sandboxes for Windows, MacOS, and Android.


In their own words:

Yomi engine implements a multi-analysis approach able to exploit both static analysis and behavioral analysis, providing ad hoc analysis path for each kind of files. The static analysis section includes document and macro code extraction, imports, dependencies and trust chain analysis. The behavioral detection engine is weaponized to recognize suspicious actions the malware silently does, giving a powerful insight on command and control, exfiltration and lateral movement activities over the network, including encrypted channels. Each analysis is reported in an intuitive aggregated view to spot interesting patterns at a glance.


Some recent samples on VirusTotal with reports from Yoroi:


LNK file:

https://www.virustotal.com/gui/file/01a2e734116fab563e021f92d7d18a4e5dcfb6a9abbf5db906e6f35e6d9eb717/behavior/Yomi%20Hunter


Ransomware:

https://www.virustotal.com/gui/file/0b46963657fb907372ec55ffde8712a45654de146a244d7604e73dcb2bf599ce/behavior/Yomi%20Hunter


emotet:

https://www.virustotal.com/gui/file/163351e912ba5f7ca674f6017be509eb502be223032b93d89ae538ddc92df9fc/behavior/Yomi%20Hunter

https://www.virustotal.com/gui/file/7fd4830a683b3d30d3910c437ed3ddae827ef2408fd3b093ac84e9fdf8de3c6f/behavior/Yomi%20Hunter


HTTPS, mitm tab:

https://www.virustotal.com/gui/file/d84427fc6f466cb318e8efaea9729c1cd7b4a17289e5ab4d73675310f32ffc79/behavior/Yomi%20Hunter


Multiple file types, .g. dot file (strings)

https://www.virustotal.com/gui/file/11b90822549c6343fbfef474f77e45d2c149817f087813071488dad8bdc8dbf8/behavior/Yomi%20Hunter


Mitre Att&ck, ransomware

https://www.virustotal.com/gui/file/0b46963657fb907372ec55ffde8712a45654de146a244d7604e73dcb2bf599ce/behavior/Yomi%20Hunter

https://www.virustotal.com/gui/file/0b46963657fb907372ec55ffde8712a45654de146a244d7604e73dcb2bf599ce/behavior/Yomi%20Hunter


Source: https://blog.virustotal.com/2019/05/virustotal-multisandbox-yoroi-yomi.html?m=1


Recent Posts

See All

Introducing RESONIC™

Soliton, Inc. Rolls Out Its Rapid Acoustic Pulse™ Technology with a Multi-Platform Device Indicated for Tattoo Removal and Cellulite Treatment with First Shipments in June HOUSTON, May 5, 2021 /PRNews

Soliton Receives FDA Clearance of Special 510(k)

Notification paves way for second quarter commercial launch HOUSTON, April 29, 2021 /PRNewswire/ -- Soliton, Inc., (Nasdaq: SOLY) ("Soliton" or the "Company"), a medical device company with a novel an