DEX File Analysis
Table of Contents
Expand all | Collapse all
-
- Advanced WildFire Support for EML Files
- Advanced WildFire Dashboard Enhancements
- Mach-O Support for WildFire Inline ML
- Advanced WildFire Public Sector Cloud
- Advanced WildFire Government Cloud
- WildFire Spain Cloud
- WildFire Saudi Arabia Cloud
- WildFire Israel Cloud
- WildFire South Africa Cloud
- WildFire South Korea Cloud
- WildFire Qatar Cloud
- WildFire France Cloud
- WildFire Taiwan Cloud
- WildFire Indonesia Cloud
- WildFire Poland Cloud
- WildFire Switzerland Cloud
- Advanced WildFire Support for Intelligent Run-time Memory Analysis
- Shell Script Analysis Support for Wildfire Inline ML
- Standalone WildFire API Subscription
- WildFire India Cloud
- MSI, IQY, and SLK File Analysis
- MS Office Analysis Support for Wildfire Inline ML
- WildFire Germany Cloud
- WildFire Australia Cloud
- Executable and Linked Format (ELF) Analysis Support for WildFire Inline ML
- Global URL Analysis
- WildFire Canada Cloud
- WildFire UK Cloud
- HTML Application and Link File Analysis
- Recursive Analysis
- Perl Script Analysis
- WildFire U.S. Government Cloud
- Real Time WildFire Verdicts and Signatures for PDF and APK Files
- Batch File Analysis
- Real Time WildFire Verdicts and Signatures for PE and ELF Files
- Real Time WildFire Verdicts and Signatures for Documents
- Script Sample Analysis
- ELF Malware Test File
- Email Link Analysis Enhancements
- Sample Removal Request
- Updated WildFire Cloud Data Retention Period
- DEX File Analysis
- Network Traffic Profiling
- Additional Malware Test Files
- Dynamic Unpacking
- Windows 10 Analysis Environment
- Archive (RAR/7z) and ELF File Analysis
- WildFire Analysis of Blocked Files
- WildFire Phishing Verdict
DEX File Analysis
The WildFire public cloud can now analyze
Dalvik executable (DEX) files with malicious, benign, or grayware
verdicts. Individual DEX files not forwarded by the firewall to
Wildfire for analysis. Instead, DEX files can be uploaded for analysis
using the WildFire API or the WildFire portal (With a WildFire subscription,
you can manually and programmatically submit a daily total of 1,000
files). DEX files contained within APK files are analyzed as part
of the APK file analysis. As with all malicious samples, the WildFire
public cloud generates and distributes a signature to firewalls
to prevent future instances of the file from penetrating your network.
Signatures generated by DEX file analysis are matched against DEX
files passing through the firewall, as well as those contained within
APK files. No additional configuration needs to be made in order
to take advantage of his feature.
The WF-500 appliance
does not support DEX file analysis.
- Manually upload DEX files to the WildFire public cloud for analysis. You can then view the WildFire sample analysis report and verdict (malicious, grayware or benign) on the WildFire portal.Use the WildFire API to submit DEX files to the WildFire public cloud. You can continue to use the WildFire API to retrieve verdicts and analysis reports for DEX files.