ANY.RUN monthly updates: Digital Signatures, New Network rules, and More

DUBAI, DUBAI, UAE, July 27, 2023/EINPresswire.com/ — ANY.RUN, a cloud interactive sandbox for malware analysis, has released a Monthly Updates: Digital Signatures, New Network rules in their blog.

??????? ???????

Digital signatures. Digital signature data is now accessible in ANY.RUN both for processes and modules.

??? ???? ????? ??? ??????????

We’ve added a signature for lu0bot as well as new YARA rules for the following families: PureLoader, RevilSodinokibi, BanditStealer,Redosdru.

?????? ????????? ????????? ??? ?????

ANY.RUN can automatically extract and decrypt the configuration for over 60 malware families, giving you quick access to encrypted strings.

??? ???????? ??????? ?????.

The Internet of Things (IoT) is all around us, and it has its own lightweight protocols, such as MQTT. Malicious actors decided to exploit this and have created yet another malware based on MQTT.

????????? ???????? ?? ??? ?????? ???????? ?? ????

This month, ANY.RUN observed a surge in activity from APT groups such as APT37, Storm-0978, and Lazarus.

??? ??????? ??? ????????? ?????

In July, ANY.RUN wrote 74 new network rules in the Suricata format.

• Minimal_PC_Miner, Repl.it Miner coverage added.
• A new rule created to mark Hydrochasma reverse proxy.
• Improved Danabot coverage.
• Two new phishing rules added.
• Fabookie, Stealc, Formbook, and GuLoader have also received additional rules for detecting network activity.for loading shellcode.

The ANY.RUN team works hard to keep up with emerging threats.

Read more with examples in the article at ANY.RUN.

Vlada Belousova
ANYRUN FZCO
email us here
Visit us on social media:
Twitter
YouTube