What can you do that virustotal can not ?
Virustotal is sort of useful tool for the first 5 minutes of analysis, but like all AVs it determines the behavior of a program in its own virtual environment. If malware is written to detect that, it will run normally and Virustotal will not detect it. However, Virustotal and other AV companies have an agreement to share samples which are uploaded. Sometimes they will include Virustotal submissions even if the file is not malicious. It's qualitatively equivalent to any other AV, but with all their different approaches to malware detection.
No technology can yet supersede a few years worth of skill and human intuition.
Do you offer ip tracking of trojan master or just determine mallability of programs ?!
Implied in "network analysis." I can tell you much more than just the maliciousness of a software. Depends on what you ask for.
Edit: IP tracking might be tricky. It really depends on the software. If the author is intelligent, they would use TOR and similar shit. I would have to look at the sample to determine the difficulty and price, and give you a better answer.
Cheers
How do you mean tor ?! afaik you cant use tor as gateway for usual no-ip or dyn-dns redirects.
If you said proxy or vpn i would agree, but so far i am yet to find someone using tor for this particular thingy. (highly fuzzed about this)
It's trivial for malware to use TOR to connect to a command / control server or a collector. Malware which uses TOR is old news. Both TOR and VPN rely on TCP/IP to get to the next node / VPN server, otherwise routing would be impossible, but it takes much more work to trace the connection (you would need control over the nodes in between, or the VPN server).
Cheers
