# What Is Malware Analysis?

Malware analysis is the process of combining different signals to decide whether a suspicious sample is safe, risky, or malicious.

## What It Means In Virusis

Virusis does not do this through a single layer. The current product flow brings together at least:

* provider verdicts
* hash-based sample identity
* scoring layers
* threat enrichment
* static analysis

## Why a single verdict is not enough

Because the same sample can be:

* clean in one provider
* suspicious in another
* high-entropy in static analysis
* associated with a tactic in the enrichment layer

Analysis is the act of reading those signals together.

## Where analysis appears in Virusis

* the scanner starts the submission
* engine cards stream onto the result page
* score cards and checksums add orientation
* threat intelligence and static analysis provide depth

## Short conclusion

In Virusis, malware analysis is not a single verdict from one external service. It is a layered investigation workflow.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.virusis.com/ai-explainers/what-is-malware-analysis.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.