VirusTotal now has an AI-powered malware analysis feature


VirusTotal announced on Monday the launch of a new artificial intelligence-based code analysis feature named Code Insight.

The new feature is powered by the Google Cloud Security AI Workbench introduced at the RSA Conference 2023 and which uses the Sec-PaLM large language model (LLM) specifically fine-tuned for security use cases.

VirusTotal Code Insight analyzes potentially harmful files to explain their (malicious) behavior, and it will improve the ability to identify which of them pose actual threats.

“At present, this new functionality is deployed to analyze a subset of PowerShell files uploaded to VirusTotal. The system excludes files that are highly similar to those previously processed, as well as files that are excessively large,” VirusTotal founder Bernardo Quintero said.

“This approach allows for the efficient use of analysis resources, ensuring that only the most relevant files (such as PS1 files) are subjected to scrutiny.”

Code Insight will also help get insight into false positives and negatives, as its analysis is entirely independent of associated metadata (like antivirus results) since only the file’s content is being examined.

VirusTotal Code InsightVirusTotal Code Insight (VirusTotal)

It’s also important to note that the code analysis LLM model is also prone to errors, and its accuracy may vary. Therefore security analysts should interpret Code Insight-generated information while considering contextual data relevant to the analyzed file.

Despite this, as Quintero said, “the integration of LLMs into the arsenal of code analysis tools is a significant advancement that enables security professionals to gain valuable insights into the structure and behavior of potentially malicious code, improving threat detection and response efficiency.”

VirusTotal will add more file formats to the list of supported files in the following days, aiming to expand the scope of this new feature even further.

VirusTotal is an online malware-scanning platform with more than 500,000 registered users and is owned by Google’s Chronicle security subsidiary.

It helps analyze suspicious files and URLs for malicious content (including viruses, worms, and trojans) using over 70 antivirus scanners and domain blocklisting services.


  • NoneRain Photo NoneRain – 2 days ago

    They would use their own platform against PlayStore’s APPs, and Google’s Ads, right? Right?

  • wackoinWaco Photo wackoinWaco – 2 days ago

    I discovered VirusTotal online about 4 years ago and it’s a very good source for running scans on files and URL’s.
    Just a few months ago I found their mobile Android app to scan installed apps on my phone. On my first scan VT detected a suspicious app and I deleted it.
    Thanks VirusTotal

  • jkr4m3r Photo jkr4m3r – 2 days ago

    You loaded an app claiming to be VirusTotal by a dev called “FunnyCat”?

    [edit] Did some digging and did find this app is legit:

  • Malwarebytes Anti-Malware Logo

    Malwarebytes Anti-Malware

    Version: 4.5.27 4M+ Downloads

  • AdwCleaner Logo


    Version: 56M+ Downloads

  • Windows Repair (All In One) Logo

    Windows Repair (All In One)

    Version: 4.13.1 2M+ Downloads

  • Everything Desktop Search Logo

    Everything Desktop Search

    Version: 22,739 Downloads

  • Zemana AntiLogger Free Logo

    Zemana AntiLogger Free

    Version: 53,700 Downloads


Related posts

FBI seizes 13 more domains linked to DDoS-for-hire services

Sarah Henriquez

Android TV box on Amazon came pre-installed with malware

Sarah Henriquez

Cisco won’t fix authentication bypass zero-day in EoL routers

Sarah Henriquez

Leave a Comment