Dynamic Malware Analysis Platform (DMA) is a platform operated by CIRCL, which allows the analysis of potential malicious software or suspicious documents in a secure and virtualized environment.
Users can upload their suspicious software or document files via a web-interface and select a specific target platform. The request is then automatically processed and executed within the selected target. After the execution, additional analysis is performed like memory analysis and comparative analysis. Then a report is made available including all the complete dynamic analysis, memory analysis and additional information.
Yes. Unlike some other public services, CIRCL doesn’t share files uploaded into the DMA platform. We strongly commit to protect your privacy and the confidentiality of your documents.
The DMA TLS-based interface allows the user to submit a file for analysis. The user can select the analysis package and the type of operating system to use.
DMA is based on Analysis Packages from cuckoo sandbox.
We are evaluating to add dynamic analysis of Android files (apk). If you need a specific format to be supported, let us know.
Dynamic analysis is not a magical solution. If an analysis fails, you can resubmit the suspicious files to CIRCL for further manual malware analysis.
If you are an organization based in Luxembourg, you can request access by contacting us.