Hello Everyone
So a couple of years ago CAMAS/CIMA was discontinued and was not working, but now it does work.
CIMA is Xcitium Verdict Cloud.
Comodo Automated Malware Analysis System (CAMAS)
Comodo Automated Malware Analysis System (CAMAS) is a cloud-based malware analysis platform developed by Comodo. It is a powerful tool used to identify and analyze suspicious files, such as executables, scripts, and documents, in order to determine whether they are malicious.
Here’s how CAMAS works:

1. Submission: Files are submitted to CAMAS for analysis, either manually or automatically through integrations.
2. Sandbox Environment: The submitted file is executed in a virtualized environment, called a sandbox. This isolated environment allows the file to run without affecting the user’s computer.
3. Behavioral Analysis: CAMAS monitors the file’s behavior within the sandbox, looking for any malicious actions, such as:
   - Network communication: Attempting to connect to known malicious servers.
   - File manipulation: Modifying or deleting critical system files.
   - Registry modifications: Making changes to the system registry.
   - Process creation: Launching other malicious processes.
4. Malware Detection: Based on the observed behavior, CAMAS determines whether the file is malicious. It uses a combination of techniques, including:
   - Signature-based detection: Comparing the file to a database of known malware signatures.
   - Heuristic analysis: Detecting suspicious patterns in the file’s behavior.
   - Machine learning: Using AI algorithms to identify malicious behavior.
5. Reporting: Once the analysis is complete, CAMAS generates a detailed report that includes:
   - File information: File type, size, hash, etc.
   - Behavioral analysis: Actions performed by the file in the sandbox.
   - Malware detection: Verdict on whether the file is malicious.
   - Threat intelligence: Information about the malware family, origin, and known attack vectors.

File Type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
SHA1: 019c6ae7809e3c860a8d93eea365de57d128b6b9
MD5: 0294f103cf2a4bf978983b54ee882ee6
Number of Clients Seen: 0
Human Expert Analysis Result: No human expert analysis verdict given to this sample yet.
Verdict Source: Signature Based Detection

Analysis Summary

| Analysis Type | Date | Verdict |
|---|---|---|
| Signature Based Detection | 2025-01-04 22:16:37 | Malware |
| Static Analysis Overall Verdict | 2025-01-04 22:16:41 | Highly Suspicious |
| File Certificate Validation | 2025-01-04 22:16:35 | Not Applicable |
| Precise Detectors Overall Verdict | 2025-01-04 22:16:41 | No Match |

Static Analysis

Static Analysis Overall Verdict: Highly Suspicious

| Detector | Result |
|---|---|
| Suspicous api calls | Unknown |
| Optional Header LoaderFlags field is valued illegal | Clean |
| Non-ascii or empty section names detected | Suspicious |
| Illegal size of optional Header | Clean |
| Anti-debug calls | Unknown |
| Optional Header NumberOfRvaAndSizes field is valued illegal | Clean |
| Based on the sections entropy check! file is possibly packed | Clean |
| Timestamp value suspicious | Suspicious |
| Header Checksum is zero! | Suspicious |
| Enrty point is outside the 1st(.code) section! Binary is possibly packed | Clean |
| Packer detection on signature database | Unknown |
| Anti-vm present | Clean |
| The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger | Clean |
| TLS callback functions array detected | |

Dynamic Analysis

Dynamic Analysis Overall Verdict: No Threat Found

Suspicious Behaviors

- Creates a child process
- Creates file in a system directory
- Writes to address space of another process
- Uses a function clandestinely
- Copies itself to startup
- Reads memory of another process
- Opens a file in a system directory

| Detector Name | Date | Verdict | Reason |
|---|---|---|---|
| Static Precise PUA Detector 1 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise PUA Detector 4 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise NI Detector 3 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise PUA Detector 5 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Trojan Detector 1 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Trojan Detector 3 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise PUA Detector 6 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Trojan Detector 12 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Virus Detector 1 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Virus Detector 2 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise Trojan Detector 13 | 2025-01-04 22:16:38 | No Match | NotDetected |
| Static Precise PUA Detector 2 | 2025-01-04 22:16:38 | No Match | NotDetected |