Description

File analysis enrichment is the process of taking a file, executing it, and recording the behaviors that result from execution. This usually takes place in a sandbox environment that limits the impact of executing a malicious file. File analysis is normally performed only after File Hash Analysis, and only when no existing records are found for the hash of the file in question. Based on the observed execution behaviors and on signature matches (for example, YARA rules), the executable can then be classified as benign or malicious.
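The following is an added example illustrating the enrichment flow described above; it is not code from the page or from any of the tools listed below. It checks a hash-reputation record first, falls back to file analysis only when no record exists, and derives a verdict from sandbox behaviors combined with YARA-style string signatures. The sandbox (fake_sandbox), the signature set, the behavior names and the sample byte strings are all constructed stand-ins, not real detonation output or real rules.

```python
import hashlib
import re
from dataclasses import dataclass, field

# Constructed YARA-style signatures: a rule name plus byte patterns, mimicking
# the strings section of a YARA rule (assumption: not real YARA syntax).
SIGNATURES = {
    "suspicious_persistence_string": [rb"CurrentVersion\\Run", rb"schtasks"],
    "packed_stub_marker": [rb"UPX!"],
}

# Constructed behavior indicators a sandbox report might contain.
SUSPICIOUS_BEHAVIOURS = {
    "registry_run_key_write",
    "process_injection",
    "outbound_connection_to_unknown_host",
}

# Constructed sample files standing in for real submissions.
SAMPLE_BENIGN = b"MZ\x90\x00 hello world installer"
SAMPLE_SUSPICIOUS = (
    b"MZ\x90\x00 SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    b"WriteProcessMemory"
)


@dataclass
class EnrichmentResult:
    sha256: str
    source: str                      # "hash_cache" or "file_analysis"
    verdict: str                     # "benign" or "malicious"
    matched_signatures: list = field(default_factory=list)
    matched_behaviours: list = field(default_factory=list)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def known_hash_records() -> dict:
    """Constructed hash-reputation store produced by a prior File Hash Analysis step."""
    return {sha256_hex(SAMPLE_BENIGN): "benign"}


def fake_sandbox(data: bytes) -> dict:
    """Stand-in for sandbox detonation (constructed): derives behaviors from content."""
    behaviours = []
    if b"CurrentVersion\\Run" in data:
        behaviours.append("registry_run_key_write")
    if b"WriteProcessMemory" in data:
        behaviours.append("process_injection")
    return {"behaviours": behaviours}


def match_signatures(data: bytes) -> list:
    """Return the names of all signature rules with at least one pattern hit."""
    hits = []
    for name, patterns in SIGNATURES.items():
        if any(re.search(p, data) for p in patterns):
            hits.append(name)
    return hits


def enrich(data: bytes, hash_records: dict, sandbox_run) -> EnrichmentResult:
    """Hash lookup first; run file analysis only when no record exists."""
    digest = sha256_hex(data)
    if digest in hash_records:
        return EnrichmentResult(digest, "hash_cache", hash_records[digest])

    # No prior record: detonate, then combine behaviors with signature matches.
    report = sandbox_run(data)
    behaviours = sorted(set(report.get("behaviours", [])) & SUSPICIOUS_BEHAVIOURS)
    sigs = match_signatures(data)
    verdict = "malicious" if behaviours or sigs else "benign"

    # Record the verdict so the next lookup of this hash skips file analysis.
    hash_records[digest] = verdict
    return EnrichmentResult(digest, "file_analysis", verdict, sigs, behaviours)


if __name__ == "__main__":
    records = known_hash_records()
    for sample in (SAMPLE_BENIGN, SAMPLE_SUSPICIOUS, SAMPLE_SUSPICIOUS):
        print(enrich(sample, records, fake_sandbox))
```

Running the script shows the benign sample resolved from the hash record alone, the suspicious sample sent through file analysis and classified malicious, and the same suspicious sample answered from the cache on its second submission. In a real pipeline the sandbox_run callable would wrap a submission to one of the services listed under Examples, and the hash store would be the result of the preceding File Hash Analysis enrichment.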

Techniques

Examples

Analyze suspicious files with Any.run | Story Library | Tines

Analyze Malware with Intezer using Pages | Story library | Tines

Analyze a file in VirusTotal | Library | Tines

Examine a file in CrowdStrike FalconX Sandbox | Library | Tines

Analyze a hash with YARA rules using Abuse.ch YARAify | Library | Tines

References

Building and managing malware analysis labs with Tines workflows | Tines

Sandbox Analysis for Malware Detection Explained | Fidelis Security

What is YARA?