DUBAI, DUBAI, UAE, July 27, 2023/EINPresswire.com/ — ANY.RUN, a cloud interactive sandbox for malware analysis, has released a Monthly Updates: Digital Signatures, New Network rules in their blog.
๐๐ซ๐จ๐๐ฎ๐๐ญ ๐ฎ๐ฉ๐๐๐ญ๐๐ฌ
Digital signatures. Digital signature data is now accessible in ANY.RUN both for processes and modules.
๐๐๐ฐ ๐๐๐๐ ๐ซ๐ฎ๐ฅ๐๐ฌ ๐๐ง๐ ๐๐ข๐ ๐ง๐๐ญ๐ฎ๐ซ๐๐ฌ
Weโve added a signature for lu0bot as well as new YARA rules for the following families: PureLoader, Revil\Sodinokibi, BanditStealer,Redosdru.
๐๐จ๐ง๐๐ข๐ ๐๐ฑ๐ญ๐ซ๐๐๐ญ๐จ๐ซ ๐๐๐๐ข๐ญ๐ข๐จ๐ง๐ฌ ๐๐ง๐ ๐๐ข๐ฑ๐๐ฌ
ANY.RUN can automatically extract and decrypt the configuration for over 60 malware families, giving you quick access to encrypted strings.
๐๐๐ฐ ๐๐๐ฌ๐๐๐ฎ๐๐จ ๐ฆ๐๐ฅ๐ฐ๐๐ซ๐ ๐๐จ๐ฎ๐ง๐.
The Internet of Things (IoT) is all around us, and it has its own lightweight protocols, such as MQTT. Malicious actors decided to exploit this and have created yet another malware based on MQTT.
๐๐ง๐๐ซ๐๐๐ฌ๐๐ ๐๐๐ญ๐ข๐ฏ๐ข๐ญ๐ฒ ๐จ๐ ๐๐๐ ๐ ๐ซ๐จ๐ฎ๐ฉ๐ฌ ๐๐๐ญ๐๐๐ญ๐๐ ๐ข๐ง ๐๐ฎ๐ฅ๐ฒ
This month, ANY.RUN observed a surge in activity from APT groups such as APT37, Storm-0978, and Lazarus.
๐๐๐ฐ ๐ง๐๐ญ๐ฐ๐จ๐ซ๐ค ๐๐ง๐ ๐๐๐ญ๐๐๐ญ๐ข๐จ๐ง ๐ซ๐ฎ๐ฅ๐๐ฌ
In July, ANY.RUN wrote 74 new network rules in the Suricata format.
โข Minimal_PC_Miner, Repl.it Miner coverage added.
โข A new rule created to mark Hydrochasma reverse proxy.
โข Improved Danabot coverage.
โข Two new phishing rules added.
โข Fabookie, Stealc, Formbook, and GuLoader have also received additional rules for detecting network activity.for loading shellcode.
The ANY.RUN team works hard to keep up with emerging threats.
Read more with examples in the article at ANY.RUN.
Vlada Belousova
ANYRUN FZCO
email us here
Visit us on social media:
Twitter
YouTube
