Version 4.6
New features
- Android APK analysis (Android applications) now also supported for on-premise installations
- SMTP traffic sniffing in Lastline sensor
- Extended Microsoft Office exploit detectors
- Enhanced anti-evasion engine
- Extended analysis reports (memory- and file-related information)
On-premise Android APK analysis
On-premise installations now support analyzing APK artifacts (Android applications). The analysis is performed using the cloud-analysis component.
Furthermore, the reports for APK artifacts have been extended significantly, exposing more information captured during the analysis.
SMTP traffic sniffing
The Lastline sensor can now sniff SMTP traffic directly off the wire to analyze mail for malicious attachments. This can be enabled in the sensor configuration, and it provides a new option for processing mail as an alternative to the POP3, IMAP or MTA modes.
Enhanced anti-evasion engine
The anti-evasion engine has been extended to support new mechanisms. In particular, it now exposes additional behavior from:
- Operating system services
- Malware requiring a system reboot
- Evasive malware requiring a specific analysis environment
Extended analysis reports
Analysis reports now expose, when available, additional information about an analyzed artifact, including:
- List of generated files
- List of memory dumps
- Information about patched sleeps
Bug fixes
- In analysis reports, clicking on a screenshot opens the magnified version of that screenshot