VirusTotal is a well-known company of Spanish origin, currently owned by Google, which allows us to analyze any file with more than 60 antivirus engines at the same time so that we can know with certainty if a certain file is completely safe or, otherwise, it can be a malware that some antivirus overlooked.
This company is constantly improving its platform and offering users new tools and resources that allow them to study and analyze the different IT threats that we can face every day. As part of the improvement of their functions, the people in charge of VirusTotal have just launched Graph, a new analysis tool that allows us to visualize the composition of the threats.
In our case, we have used the sample associated with the previous hash, and we can see a page like the following one.
In it we will see a section called “Root Node“, which corresponds to the file we have analyzed, the main threat. Within this threat we can see that there is a connection to the malware cloud, and it connects to two different servers to download malicious files, probably some type of malware in particular, an adware or an exploit.
If we double click on each of the nodes we will see more information about the expansion of the threat. As we double click on each of them we can see how the threat is expanding, and what once seemed relatively simple, is actually part of a large malicious network.
To help users in the study of threats, Graph has a series of tools that allow us, for example, to associate names to different nodes, add new nodes, eliminate nodes, fix a node, highlight it, etc. We will also be able to go to the VirusTotal public report of each threat and, if we are Premium subscribers, we can even take it to the VT Intelligenceplatform that allows us to analyze in much more detail the malware in question.
We can enter this new tool from the following link. Using VirusTotal Graph is completely free , although to be able to enter it we will have to be registered in the platform. Registration in VirusTotal is also free.
It is clear that this is not a tool for the average user, but rather something more focused on an advanced, professional audience. From VirusTotal also want to teach us to get the most out of this platform with a series of videos where they explain how it works.
We remind you that if we are thinking about analyzing a malware, or any file, in VirusTotal, the company shares samples with the main security companies, so we must be careful with the data we send to process this platform.