19 docs tagged with "classification"

Learn how ReversingLabs tracks and adjusts certificate revocation dates, and how this affects sample classification and search results.

Explains ReversingLabs' classification algorithm, detailing how files are categorized into four groups: no threats found, known (goodware), suspicious, and malicious. Explains the concept of risk scores, which represent the trustworthiness or malicious severity of a sample.

How ReversingLabs identifies and corrects false positives reported by customers.

SpectraCore native binary file types and identifications for analyzing uncompressed executable and archive binary files.

SpectraCore native ELF file types and identifications for Linux/Unix executable formats in multiple architectures.

SpectraCore native ELF self-extracting file types supporting 32/64-bit big and little endian architectures.

SpectraCore native file types and subtypes overview covering binary, text, PE, ELF and multimedia formats.

SpectraCore multimedia file types including audio, video, image, document formats and media containers.

SpectraCore native PE file types including executables and libraries for Windows platform analysis.

SpectraCore native PE self-extracting file types and identifications for Windows executables and libraries.

SpectraCore native script file types and identifications for analyzing interpreted programming languages.

SpectraCore native text file types and identifications covering plain text and source code formats.

Outlines the standardized naming conventions used by ReversingLabs to identify and classify malware, ensuring consistency and clarity in threat reporting.

Presents a detailed table correlating classifications, trust factors, threat levels, and risk scores, offering insights into how risk assessments are quantified.

Reference for Spectra Core security grades (A-F) and detailed grade codes (RC, WC, SC) assigned during static analysis.

Comprehensive reference of Spectra Core tags for file classification, digital signatures, vulnerabilities, and security characteristics.

SpectraCore supported unpacking formats including packers, archives, installers and self-extracting executables.

SpectraCore verified software and package identities including applications, LOLBins, LOLDrivers, steganography, hacker tools, and frameworks.

Explores the integration of YARA, a tool for pattern matching, with Spectra Core, detailing how custom rules can be utilized to identify and classify files based on specific patterns.