IREC v2

Emre TINAZTEPE
Friday, 15 May 2020 / Published in Incident Response

It has been quite a long time since we last updated you on what’s new at Binalyze. The reason is that it was a very busy period full of new features, updates, and even a new product! Now it is time to share the news with you.

Autoruns

As we all know, investigating a PC is getting harder every day due to the increasing complexity of cyber attacks. Even though we designed IREC to be the most complete evidence collector on the market, there was still a missing piece: autostart locations. As of Windows 10, there are more than 200 registry and file system locations that could be abused by malware and attackers! This means that a regular PC will have approximately 1000 entries in total that have the potential to execute malicious code on each system restart. The good news is that IREC v2 lists all of these in an intuitive way, with all the information you need, such as the digital signature of the file in question, MAC times for each entry, the last write time of the registry key, and the hash of the file!

Process Viewer

Version 2 comes with an all-new, easy-to-use process viewer in which you can filter, search, and show the details of each process alongside important information such as TCP connections, modules, and other details.

1-Click VirusTotal results

The new report lets you view VirusTotal results and relations for each URL and IP address with a single click.

Bookmarking

Wouldn’t it be great to bookmark pieces of evidence, either for further investigation or for reporting purposes? That’s why we have added an easy bookmarking feature that stores your bookmarks in the browser’s local storage, so you won’t lose them even when you close the browser.

This is just a quick summary of what we have added to the latest version so far. For the full list, you can visit the IREC page.

Release Notes: Version 2.0.2

Download Now: IREC v2

Tagged under: dfir, digital forensics, Incident Response, IREC
