Skip to main content

What is DECODA?

DECODA is a malware analysis platform that combines conversational AI with a full static analysis toolkit. Upload a suspicious file, ask questions in plain English, and let the AI run tools like Ghidra, YARA, and Python scripts inside an isolated sandbox to break down what the sample does. Whether you’re triaging alerts in a SOC, conducting deep reverse engineering, or learning how malware works, DECODA handles the heavy lifting so you can focus on understanding threats.

Key Capabilities

Two Analysis Modes

Ask mode for quick Q&A about samples. Agent mode for autonomous, tool-driven deep analysis.

Automated Triage

Every upload is automatically hashed, scanned with YARA rules, checked against VirusTotal, and classified by type.

Sandboxed Tooling

Ghidra, YARA, Python, and 15+ tools run inside isolated Firecracker microVMs with network disabled. No risk of malware callbacks.

Threat Intelligence Reports

Generate structured reports with IOCs, MITRE ATT&CK mappings, and executive summaries. Export as Markdown, PDF, or HTML.

Who is DECODA for?

  • SOC Analysts looking to speed up alert triage and sample classification
  • Incident Responders who need fast, actionable intelligence from suspicious files
  • Reverse Engineers who want AI assistance with static analysis workflows
  • Security Students learning malware analysis and reverse engineering techniques
  • Threat Hunters building detection rules and tracking adversary TTPs

Get Started

Quickstart

Upload your first sample and run your first analysis in minutes.

Analysis Modes

Learn the difference between Ask and Agent mode, and when to use each.

Triage Pipeline

Understand what happens automatically when you upload a sample.

Reports

Generate and export structured threat intelligence reports.

Interface Features

Keyboard shortcuts, conversation branching, chat sharing, and more.

Reference

Supported File Types

26+ file types from PE to PCAP, with detection methods and tool routing.

Analysis Tools

Detailed reference for every tool available in Agent mode.

IOC Categories

All indicator types DECODA can extract, with export formats.

Account & Help

Plans & Billing

Subscription tiers, usage limits, and the credit system.

Security & Privacy

How DECODA isolates malware and protects your data.