|Publisher||Adlice Software - https://www.adlice.com - France|
|Publisher's description|
DiffView can start monitoring several types of items. Start analyzing a process, pick a file, or just type your own command line. As long as the target is valid, DiffView attaches to the existing process or creates a new monitored one.
It also provides a real-time running processes list to ease attaching to existing processes. When a process is monitored, everything it does will be logged and displayed.
DiffView lets you choose what information you need to collect. It can be process manipulation, filesystem modifications or registry activity.
All of these events will be displayed in nice tree/table views, for easier understanding of what the monitored process is doing.
Analysis Score & Report
During event collection, the analysis engine performs filtering and classification. The results of this processing produce indicators and a malicious score.
Upon completion, a full report is generated and archived for later sharing and display. Happy sandboxing!