Context has developed a very high level of expertise in malware analysis and employs some of the most talented reverse engineers in the UK.
Malware investigations generally originate from targeted attack or APT investigations which have resulted in the forensic analysis of a machine. Carrying out a detailed analysis of malicious software found during an investigation is an opportunity to learn about an attack – what was the delivery mechanism, how did the attack evade network defences, how did the malware behave once installed, when was it installed, who instigated the attack and why?
Context uses state of the art analysis tools and methods that enable these processes to be carried out very quickly, leading to a better, faster result for clients. If samples of the malware have been previously analysed for other clients we will not charge for the work to be done again (unless the client asks us to do so), but will instead brief the client on the findings from the previous investigation.
Context also has the ability to break custom encryption routines which malware may have incorporated to conceal its activity from network traffic analysis.