Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy
Experiencing a breach? Get emergency incident response assistance.

Overview

Remote and on-site malware services

We offer proactive support to enable your organisation to respond effectively to the near-daily evolution of malware. Our experts translate complex analytical findings into targeted deliverables for executive, legal, and technical stakeholders to provide insight into the nature and scope of any malware-related event.

Our malware analysis and reverse engineering services include:

Malware triage and analysis
Source code security review
Proactive tooling development
Reverse engineering and code review
Rapid triage
Large scale code teardowns

Features

Malware analysis and reverse engineering service features

Get the expert help and technical insight you need to understand where your organisation is vulnerable to malware and to implement a plan to safeguard those areas.

Malware triage and analysis

By applying static and dynamic analysis, our cyber experts examine files to identify threats and develop comprehensive reports. We harness industry-best techniques, ranging from automated sandbox detonation and observation to low-level reverse engineering, disassembly and decompilation, with actionable recommendations to inform your next steps.

Reverse engineering and expert code review

Our team helps organisations deal with expert witness and litigation issues by applying reverse engineering principles to determine how malware code operates and understand critical factors behind its development. We produce detailed declarations and technical documentation for legal and technical audiences and can provide deposition and expert witness testimony as required.

Investigative value

Our service includes rapid triage to inform investigative next steps and large-scale code teardowns to support detailed reporting and legal requirements. We’ll work as your collaborative partner to identify the impact of malware code in a wide variety of scenarios.

Proven technical insight

Our experts are highly knowledgeable in every major platform, including Windows, Linux, MacOS, iOS, Android, RTOS Microsoft 365, Google Workspace, AWS, Azure, x86, x64, ARM, C, Java, Python and Go.

Get immediate assistance

Get in touch

FAQ

Malware analysis FAQs

What is malware analysis?

From spyware to viruses to ransomware, malware varies widely. Malware analysis enables organisations to analyse and understand how a particular malware functions and its potential impact. This helps them to better understand where their data may be at risk and to mitigate and address those vulnerabilities.

What does the malware analysis process involve?

At Kroll, our malware analysis process identifies notable attributes such as malware family and persistence mechanisms and applies industry-best techniques such as automated sandbox detonation and observation, low-level reverse engineering and decompilation. We combine analysis of complex files and malicious code functionalities and the latest threat intelligence to assess where businesses may have data at risk, then translate these into risk mitigation plans.

Why is reverse-engineering malware an important aspect of cyber security?

Malware reverse engineering can be highly valuable in understanding the specific steps an attacker has taken to breach a system. It enables organisations to identify vulnerabilities and actions to defend against further similar threats in the future.

Why are malware analysis and reverse engineering services critical to an effective cyber security strategy?

As well as helping organisations to protect themselves against further security threats, malware analysis and reverse engineering services enable companies to take effective action in intellectual property and trade secrets disputes. They also provide critical insight for declarations and supporting technical documentation for legal and technical audiences.

What are the different types of malware analysis?

Types of malware analysis include static, dynamic or a combination of the two. In static analysis, the malware files are assessed for signs of malicious intent. This type of analysis can be helpful for identifying aspects such as packed files, libraries or malicious infrastructure. Dynamic analysis involves the execution of suspected malicious code in a safe environment called a sandbox. This enables the observation of malware in action without risk and provides greater visibility of the nature of a threat. Hybrid analysis combines static and dynamic analysis.

What is the next stage after malware analysis and reverse engineering?

It is essential to take strategic action in response to the insight gained through malware analysis and reverse engineering. At Kroll, we deliver clear, actionable findings to enable organisations to take informed steps and respond quickly and effectively to the vulnerabilities identified.

Malware analysis support

Comprehensive insight into at-risk data with actionable risk mitigation plans

Whether it is for a standalone analysis or part of a broader investigation, our team rapidly undertakes assessments to understand the potential malware risk to your data, systems and networks. Our unique and extensive frontline experience means we can help you make informed decisions at every stage and develop a plan tailored to your specific needs and priorities. We can deploy remote solutions quickly and/or be onsite within hours.

Our malware and reverse engineering services help to identify and mitigate:

Backdoors

Fileless malware

Keyloggers

Polymorphic malware

Ransomware

Rootkits

Spyware

Trojans

Viruses

Worms

About us

Why choose Kroll?

  • Flexible, on-demand services
  • Recognised by CREST and PCI council
  • A team of over 450 DFIR experts globally
  • 3,200 security incidents responded to every year

Get in touch

Complete the form for a prompt response from our team.

Two Redscan team members analysing cyber security intelligence

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
22nd April 2024
Quishing attacks increase tenfold
According to new research, quishing attacks, a type of phishing that leverages QR codes, have significantly increased, rising from 0.8% in 2021 to 10.8% in 2024.
15th April 2024
Half of UK businesses affected by cyber-incident in the past year
According to a new report by the UK government, half of UK businesses have reported a cyber incident or data breach in the past 12 months.  
8th April 2024
Infostealers prominent in retail cyber-attacks
New research has highlighted that the use of infostealers dominated in cyber-attacks on retailers over the past year.  
2nd April 2024
Zero-day vulnerabilities soared by over 50% between 2022 and 2023
In a new report Google has revealed that the volume of zero-day vulnerabilities it detected rose by over 50% from 2022 to 2023, with bugs in third-party components on the increase.