Guide to Online Antivirus Solutions Part 4: Norman SandBox Malware Analyzer
Internet connections are getting faster every day, so online antivirus solutions transformed from proof of concepts into actual quality security services. Lately I have been playing with some leading online antivirus products and here are my thoughts.
After Panda Security NanoScan and TotalScan, Trend Micro’s HouseCall and Kaspersky Online Scanner, this time we have something a bit different.
Norman SandBox Technology (sandbox.norman.no) is a virtual environment where programs may perform in safe surroundings without interfering with the real processes, program files and network environment. If a program performs actions that the SandBox regards as suspicious, using a set of parameters, the program is “tagged” as a malicious program. This technology is used in Norman antivirus products, but they also offer a free Sandbox online service.
The process is pretty simple: upload a suspicious file, enter your e-mail address and you will receive the results over e-mail.
Better yet, you can check the online details on the last submitted files to Sandbox. There you will both inspect your file, as well as those submitted by other users.
Unfortunately, as you can see from the screenshot, this free online version doesn’t let you check the details including the network services the specific malware connects to. Nevertheless, Norman Sandbox provides some fast detection capabilities for your suspicious files.