Private AI Assistant for Malware Analysis in ANY.RUN Sandbox
We are excited to announce the release of an updated AI assistant, which brings powerful analysis capabilities right to your private sessions in the ANY.RUN sandbox. With our new assistant, we’ve taken things to the next level by combining deep, insightful analysis with the privacy and security you need.
AI Reports Are Now Available for Private Sessions
Previously, our AI assistant (powered by ChatGPT) was only accessible in public sandbox sessions. Now, it has been replaced with a new AI model fully hosted on our own infrastructure, allowing Hunter and Enterprise users to enjoy AI insights securely in private mode as well.
With the updated version, you get detailed insights without any risk of your information being shared with third parties. Everything stays within your private session, so you can confidently analyze sensitive files and links with full privacy.
How AI Assistant Helps with Malware Analysis
Inside ANY.RUN’s sandbox, you’ll now find the AI button next to processes, Suricata rules, as well as other key elements in your analysis session.
By clicking the AI button, you can get detailed insights about what each element does in that specific context. This feature is designed to give you a clearer understanding of malicious behavior, speeding up your investigations and providing helpful summaries in real time.
Here’s what AI assistant can do for you:
1. Process trees: The AI assistant digs into the process tree, identifies suspicious behavior and offers summaries of each process, helping users focus on critical areas of interest.
2. Command line: It scans command line inputs, pinpointing potential indicators of malicious activity, and generates a detailed report to guide your investigation.
3. Suricata rule triggers: When Suricata rules are triggered, the AI assistant provides a clear explanation of what these triggers mean in the context of your security, helping you understand the potential threat level.
4. HTTP connections: The assistant reviews HTTP connections, summarizing any suspicious behaviors or connections that may pose a risk to your network.
5. Registry changes: The assistant flags unusual changes in the system registry, highlighting actions that could signal a malware threat.
AI Summary Button: A Quick Threat Overview at Your Fingertips
After analyzing various elements inside the session with AI, you can view all the generated reports conveniently through the AI Summary button.
This button, located in the top right corner of your ANY.RUN sandbox session, compiles all the AI reviews you’ve generated for processes, Suricata rules, and other components.
By clicking the AI Summary button, you get a quick and comprehensive overview of your analysis in one place, making it easy to see everything the AI has helped you review and understand during the session.
Conclusion
With the addition of the AI assistant in private mode, you can benefit from AI-driven insights, summaries, and explanations while ensuring that your sensitive data remains completely protected.
See more recent updates from ANY.RUN in the September 2024 release notes.
About ANY.RUN
ANY.RUN helps more than 500,000 cybersecurity professionals worldwide. Our interactive sandbox simplifies malware analysis of threats that target both Windows and Linux systems. Our threat intelligence products, TI Lookup, YARA Search and Feeds, help you find IOCs or files to learn more about the threats and respond to incidents faster.
With ANY.RUN you can:
Detect malware in seconds
Interact with samples in real time
Save time and money on sandbox setup and maintenance
Record and study all aspects of malware behavior
Collaborate with your team
Scale as you need
Request free trial of ANY.RUN’s products →
The post Private AI Assistant for Malware Analysis <br>in ANY.RUN Sandbox appeared first on ANY.RUN’s Cybersecurity Blog.
ANY.RUN’s Cybersecurity Blog – Read More