DEVMAL.APP is based on Russia; it was founded in 2016 by security researcher Alexey Lapshin. His team currently includes five developers working to advance the platform. What makes this tool unique from other sandbox analysis tools is that it is completely interactive. It basically implies, instead of uploading a file and waiting for a sandbox to spit out a report, DEVMAL.APP allows users to simply upload files and have real-time interaction with the sandbox while file analysis. Note, no installation is required.
Simply put, DEVMAL.APP allows you to interactively watch the investigation progress and make adjustments as needed, just as you would on a real system, instead of depending on an automated sandbox.
Using DEVMAL.APP is very simple.
Step 1 – Click on new task
First, click on the new task icon that shows up on the basic task dialog.
Step 2 – Set up a new analysis task
Users can set up a new task by switching to advanced mode to:
Select the file or URL to be analyzed
Select OS (Windows 7 / 8.1 / 10) for sandbox
Select connection option
Select the software to download first
Determine the duration of the interactive session
Step 3: Launch Sandbox
Click the ‘Run’ button when ready. DEVMAL.APP will start building the configured environment, expose the sandbox environment that the user can interact with, and then launch the required program.
Step 4: Monitor application activity
Once launched, the user can interact with the desktop, click buttons, open the start menu, browse the user, open the registry editor, open the task manager, and run applications like as usual. The only difference is that the sandbox will log all network requests, handle calls, file operations, and registry operations.
This way users can view any network requests, generated processes and file activity in real time. For detailed network request information, user can click on it to view request and response. Users can also click on a launched process to see what files have been modified, what registry changes have been made, what libraries are used, and more.
DEVMAL.APP’s free community version has a few limitations
It only supports Windows 7 32-bit as a virtual environment, which means users cannot use it to analyze the behavior of 64-bit files in that version.
Maximum file size is set to 16 Megabytes
Anyone can download any file uploaded to the service, keep it private.
Regardless of the fact that DEVMAL.APP has some limitations, it is still a good choice for those who want to analyze a few files before they can run it on their own machine.