Malware Triage and Analysis
-
Get a Quote
Get a Quote -
24X7 Hotline
24X7 Hotline
Malware Analysis and Reverse Engineering
Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.
Contact UsOur experts translate complex analytical findings into targeted deliverables for executive, legal, and technical stakeholders to provide insight into the nature and scope of any code-related event.
Through a tailored application of static and dynamic analysis, Kroll’s cyber experts examine files to enumerate malicious functionality and develop comprehensive tear-down reports.
Our Malware Analysis Capabilities
Source Code Security Review
Reverse Engineering and Expert Code Review
Proactive Tooling Development
Malware Triage and Analysis
Whether it's standalone analysis or as part of a broader investigation, our team rapidly assesses the underlying nature of a sample to understand the risk to data, systems, and networks.
- Identify notable attributes such as malware family, Command and Control IP addresses or domains, host and network forensic artifacts, persistence mechanisms, and other indicators of compromise.
- Apply industry-best techniques ranging from automated sandbox detonation and observation to low-level reverse engineering, disassembly, and decompilation.
- Provide actionable recommendations to inform investigative next steps.
Source Code Security Review
Our expertise in exploit development and malware reverse engineering offers a highly trained eye to analyze and test software in fully controlled environments and identify vulnerabilities or flaws that expose software to real-world risk.
- Identify potential vulnerabilities in codebases to mitigate malicious exploitation
- Perform static code examination and review
- Dynamically test code functionality using industry-best methodologies
- Apply automated fuzz-testing framework
Reverse Engineering and Expert Code Review
The complexity of modern software lies at the heart of many intellectual property and trade secrets disputes. In support of expert witness and litigation matters, our team applies reverse engineering principles to determine how code operates and to understand critical factors behind its development.
- Collect and review open-source information to include pertinent publicly available reporting, documentation, and projects
- Perform in-depth code analysis in support of legal assessments and arguments
- Produce detailed deliverables including declarations and supporting technical documentation for Legal and Technical audiences
- Provide deposition and expert witness testimony as required
Proactive Tooling Development
To keep up with the near-daily evolution of modern malware, our team supports proactive penetration testing by applying real-world attack methodologies in controlled settings to ensure your security posture is ready for the technical attacks of today and tomorrow.
- Develop or repurpose malicious toolkits and utilities for heightened proactive testing
- Customize existing capabilities to avoid detection
- Support penetration testing exercises with real-world, cutting-edge attack methodologies
Technical Foundation
Our malware analysis experts are highly knowledgeable in every major platform, including:
- Windows, Linux, MacOS, iOS, Android, RTOS
- Microsoft 365, Google Workspace, AWS, Azure
- x86, x64, ARM, C, Java, Python, Go
- Develop atomic and behavioral indicators fed directly into Kroll's detection and response service platforms
- Incorporate up-to-date malware trends and active campaign intelligence across Kroll's global teams
Investigative Value
Benefits of our malware analysis services include:
- Rapid triage to inform investigative next steps
- Large-scale code teardowns in support of detailed reporting and legal requirements
- Collaborative partner in identifying the impact of code in a wide variety of scenarios
- Services tailored to the needs of the customer and objectives of the exercise
Talk to a Kroll Expert
Kroll is ready to help, 24x7. Use the links on this page to explore our services further or speak to a Kroll expert today via our 24x7 cyber hotlines or our contact page.
Related Team
Connect With Us
Stay Ahead with Kroll Stay Ahead with Kroll
Data Collection and Preservation
Data Collection and Preservation
Improve investigations and reduce your potential for litigation and fines with the strict chain-of-custody protocol our experts follow at every stage of the data collection process.
Computer Forensics
Computer Forensics
Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.
24x7 Incident Response
24x7 Incident Response
Enlist experienced responders to handle the entire security incident lifecycle.
Office 365 Security, Forensics and Incident Response
Office 365 Security, Forensics and Incident Response
Digital forensic experts investigate hundreds of Office 365 incidents per year and help strengthen your security.
Malware and Advanced Persistent Threat Detection
Malware and Advanced Persistent Threat Detection
Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.
Business Email Compromise (BEC) Response and Investigation
Business Email Compromise (BEC) Response and Investigation
In a business email compromise (BEC) attack, fast and decisive response can make a tremendous difference in limiting financial, reputational and litigation risk. With decades of experience investigating BEC scams across a variety of platforms and proprietary forensic tools, Kroll is your ultimate BEC response partner.
Microsoft Threat Detection and Response: Five Key Pitfalls (and How to Address Them)
Managed Detection and Response
Microsoft Threat Detection and Response: Five Key Pitfalls (and How to Address Them)
May 03, 2023
by Rafael De Lima, Michael Cowley
MOVEit Vulnerability Investigations Uncover Additional Exfiltration Method
Threat Intelligence
MOVEit Vulnerability Investigations Uncover Additional Exfiltration Method
Jul 24, 2023
by Devon Ackerman, Steven Coffey, Josh Mitchell, Dan Cox
Proof of Concept Developed for Ghostscript CVE-2023-36664 Code Execution Vulnerability
Threat Intelligence
Proof of Concept Developed for Ghostscript CVE-2023-36664 Code Execution Vulnerability
Jul 11, 2023
by Dave Truman
Kroll Responder Named as Overall Leader in The KuppingerCole Leadership Compass for Managed Detection and Response Services
Press Release
Kroll Responder Named as Overall Leader in The KuppingerCole Leadership Compass for Managed Detection and Response Services
Aug 16, 2023
Kroll's 2023 State of Cyber Defense Report Reveals a Lack of Trust Ranked as the Biggest Security Concern by Cybersecurity Decision-Makers Globally
News
Kroll's 2023 State of Cyber Defense Report Reveals a Lack of Trust Ranked as the Biggest Security Concern by Cybersecurity Decision-Makers Globally
Jun 14, 2023
Kroll Recognized in 2023 Gartner Market Guide for Digital Forensics and Incident Response Retainer Services
Press Release
Kroll Recognized in 2023 Gartner Market Guide for Digital Forensics and Incident Response Retainer Services
May 19, 2023
Kroll Responder Recognized in 2023 Gartner Market Guide for Managed Detection and Response Services for the Third Consecutive Year
Press Release
Kroll Responder Recognized in 2023 Gartner Market Guide for Managed Detection and Response Services for the Third Consecutive Year
Mar 23, 2023
KAPE Intensive Training and Certification
Digital Forensics and Incident Response
KAPE Intensive Training and Certification
Dec 07, 2023 | Online Event
The Cyber Risk practice of Kroll is excited to offer virtual sessions of the Kroll Artifact Parser a...