Private AI Assistant for Malware Analysis in ANY.RUN Sandbox
2024-10-9 17:2:17 Author: any.run

We are excited to announce the release of an updated AI assistant, which brings powerful analysis capabilities right to your private sessions in the ANY.RUN sandbox. With our new assistant, we’ve taken things to the next level by combining deep, insightful analysis with the privacy and security you need. 

AI Reports Are Now Available for Private Sessions 

Previously, our AI assistant (powered by ChatGPT) was only accessible in public sandbox sessions. Now, it has been replaced with a new AI model fully hosted on our own infrastructure, allowing Hunter and Enterprise users to enjoy AI insights securely in private mode as well.

AI reviews inside ANY.RUN’s sandbox analysis session

With the updated version, you get detailed insights without any risk of your information being shared with third parties. Everything stays within your private session, so you can confidently analyze sensitive files and links with full privacy.

How AI Assistant Helps with Malware Analysis 

Inside ANY.RUN’s sandbox, you’ll now find the AI button next to processes, Suricata rules, as well as other key elements in your analysis session.  

Click the AI button next to processes, events, and other elements to generate AI reports

By clicking the AI button, you can get detailed insights about what each element does in that specific context. This feature is designed to give you a clearer understanding of malicious behavior, speeding up your investigations and providing helpful summaries in real time. 

Here’s what the AI assistant can do for you:

1. Process trees: The AI assistant digs into the process tree, identifies suspicious behavior and offers summaries of each process, helping users focus on critical areas of interest. 

Analysis of processes by AI

2. Command line: It scans command line inputs, pinpointing potential indicators of malicious activity, and generates a detailed report to guide your investigation. 

Command line analyzed by AI

3. Suricata rule triggers: When Suricata rules are triggered, the AI assistant provides a clear explanation of what these triggers mean in the context of your security, helping you understand the potential threat level. 

Suricata rule analyzed by AI assistant

4. HTTP connections: The assistant reviews HTTP connections, summarizing any suspicious behaviors or connections that may pose a risk to your network. 

HTTP requests analyzed by AI

5. Registry changes: The assistant flags unusual changes in the system registry, highlighting actions that could signal a malware threat. 

Registry changes analyzed by AI inside ANY.RUN

AI Summary Button: A Quick Threat Overview at Your Fingertips 

After analyzing various elements inside the session with AI, you can view all the generated reports conveniently through the AI Summary button.

You can find the AI Summary button in the top right corner of your sandbox session

This button, located in the top right corner of your ANY.RUN sandbox session, compiles all the AI reviews you’ve generated for processes, Suricata rules, and other components.

By clicking the AI Summary button, you get a quick and comprehensive overview of your analysis in one place, making it easy to see everything the AI has helped you review and understand during the session. 

Conclusion

With the addition of the AI assistant in private mode, you can benefit from AI-driven insights, summaries, and explanations while ensuring that your sensitive data remains completely protected.

See more recent updates from ANY.RUN in the September 2024 release notes.

About ANY.RUN    

ANY.RUN helps more than 500,000 cybersecurity professionals worldwide. Our interactive sandbox simplifies malware analysis of threats that target both Windows and Linux systems. Our threat intelligence products, TI Lookup, YARA Search and Feeds, help you find IOCs or files to learn more about the threats and respond to incidents faster.  

With ANY.RUN you can: 

  • Detect malware in seconds
  • Interact with samples in real time
  • Save time and money on sandbox setup and maintenance
  • Record and study all aspects of malware behavior
  • Collaborate with your team 
  • Scale as you need



Article source: https://any.run/cybersecurity-blog/private-ai-for-malware-analysis/