In their own words:
NSFOCUS POMA, as an integral part of the NSFOCUS Threat Intelligence (NTI) system, is a cloud‐based malware analysis engine built by the NSFOCUS Security Lab. It can take various types of files and perform both static and dynamic analysis on them to detect potentially malicious behavior, and produce analytic reports in many formats (including STIX). This service can help a user to protect his environment from various threats, such as 0‐day attacks, advanced persistent threats (APTs), ransomware, botnets, cryptocurrency mining and other malware.
We are very honored and proud to bring such values to the VirusTotal users and community.
Here are a few examples:
You can find the sandbox behaviour reports on the behavior tab.
Threat SummaryAt the top of the detailed report, right away we can see a summary of the detection.
Within the threat detail section we can see the behavior in both Windows XP SP3 and Windows 7 SP1 ordered by risk, most important at the top.
Within the behaviour report we can see an interesting UUID
Using a behavior search in VT Intelligence, we can find other samples that also use this same UUID
Connecting the dots
In the sample we can see the relationship with the IP address 185[.]45[.]252[.]36
Within VTGraph we can visually see the relationships between this sample, the IP address, domains and URLS that we know about