Exalyze

Accelerate malware analysis

Skip the first 30 minutes of reverse engineering a sample: analyze it instantly, get actionable insights and pivot using code comparison.

Created by malware analysts, for malware analysts

Maximum upload size: 25MB • Max files per upload: 10

Supported file types: PE and ELF executables

Samples analyzed: 701.9K

Functions analyzed: 468.9M

PE functions analyzed: 355.2M

ELF functions analyzed: 18.2M

Detailed sample reports, in seconds

Exalyze fully decompiles and analyzes any submitted binary (ELF or PE) and extracts relevant metadata.

It provides a detailed analysis report that gives a good overview of what the sample is doing, using indicators such as MITRE ATT&CK techniques, sample capabilities, extracted network identifiers and YARA rule matches.

In-depth understanding of a sample without struggle

The sequence view gives you a detailed overview of the sample's control flow graph, the system calls it makes and the strings associated with them.

This gives a clear idea of how the sample interacts with the system and helps detect persistence patterns, IoCs and malicious operations.

Sequence view extract of a sample setting up its persistence

Pivot with metadata search & code similarity

Exalyze's search engine lets you find samples based on any extracted metadata, whether import and rich hashes, network identifiers or even the YARA rules the sample matches.

Using the similar_to filter, you can compare the control flow graph of a sample against the whole database in a matter of seconds to identify "variations" of the same sample, using the change-resilient Machoc hash.

Made by malware analysts, for malware analysts

Exalyze is the product of 15 years of R&D and Exatrack's 7 years hunting malicious actors in the field.

This translates to a product packed with powerful features such as automatic YARA rule generation for an analyzed sample, an entropy map view of a sample, and advanced insights from Exatrack's very own YARA ruleset.

Exalyze is designed to boost our malware analyst team's efficiency, and it is now available to everyone, for free.

Community

Join our community of malware analysts and interact with the team behind Exalyze

Join us on Discord

Exalyze Premium

Collaboratively hunt malware using Exalyze groups, upload sensitive or confidential samples, pivot on matched YARA rules and analyze your sample against Exatrack's advanced YARA ruleset.