Malware Investigation

Malware is one of the key threats deployed by cyber criminals. These programs are able to either copy vital information from computers or even assume remote control of computers. If it is suspected that malware is present, DSS conducts an investigation in order to determine the algorithms, functionalities and network interactions of software.


The findings reported by DSS’s experts can be submitted as evidence in any subsequent criminal case. What is more, the results of the forensic investigation can be used by DSS’s Investigations Division for further analysis.


  • Determines malware’s algorithms
  • Deriving the list of control servers from the malware
  • Documenting the functional characteristics of the malware (for example, its interaction with online banking systems)
  • Exposing and documenting the malware’s capabilities forpreventing forensic investigation and detection
  • Making a log of amendments introduced to the system registry and the overall file system by the malware
  • Noting other malware informational activities that may be of relevance in a criminal case
  • Analysis of configuration files as well as other software modules loaded by the malware from the Internet (if necessary)
  • Correlating the information that is obtained with samples obtained for other malware


Following the investigation conducted by DSS, the client receives formal notification of what has been detected in accordance with the prevailing legislation, including:

  • Depiction of the malware’s algorithm, its functional capabilities and interactions with the network
  • An account of additional software modules and configuration files loaded by the malware from the Internet • Advice on how best to use this information for the purposes of investigating the security breach

Find out more about what we do

The company is currently developing a system to combat international cyber crime, which will equip the law enforcement authorities in any jurisdiction to effectively tackle the problem of computer-based malfeasance. Crucially, the technology assists at the most problematic stages of the criminal investigation, including the assemblage of evidence, DDoS protection and web auditing.