ANY.RUN upgraded its malware analysis sandbox with a new, private AI model, which replaces the previous public-only ChatGPT-powered assistant.
The new model runs entirely on ANY.RUN's own infrastructure, allowing paid users (Hunter and Enterprise) to leverage AI insights for private analysis sessions.
User data remains confidential as the AI analyzes files and links within the sandbox environment, so users can securely analyze sensitive information with the added benefit of AI-powered investigation aids.
The sandbox now integrates an AI assistant to streamline investigations. By clicking the “AI” button next to processes, events, and other elements, users can generate AI-powered reports that offer detailed insights into the specific behavior of each element within the analysis session.
This functionality aims to enhance analysts’ understanding of malicious activities by providing real-time summaries and highlighting suspicious actions, ultimately leading to faster and more efficient investigations.
The AI assistant analyzes process behavior and command line inputs to identify potential security threats. It examines the process tree to detect suspicious activity and provides a summary of each process, allowing users to focus on critical areas.
The assistant examines the inputs on the command line for any indications of malicious activity and generates a comprehensive report to assist with investigations.
Suricata rules act as digital sentinels, constantly monitoring network traffic for suspicious activity. When a rule is triggered, the AI assistant provides a detailed explanation, translating technical jargon into plain language.
These explanations help users comprehend the potential threat level and take appropriate countermeasures. By offering contextual insights, the AI assistant enhances the effectiveness of Suricata’s intrusion detection capabilities.
As part of its diligent monitoring of network traffic, the assistant carefully examines HTTP requests in search of any unusual patterns that could be indicative of malicious activity.
It also tracks changes to the system registry, flagging any irregularities that could potentially signal a malware intrusion.
By proactively identifying and analyzing these suspicious behaviors, the assistant helps safeguard the network from potential threats.
According to ANY.RUN, the AI Summary button streamlines malware analysis by consolidating AI-generated reports in a single location. Located in the top right corner of the sandbox session, this button compiles AI reviews for processes, Suricata rules, and other analyzed elements.
Clicking the AI Summary button provides a comprehensive overview of the analysis, allowing users to efficiently review and understand all AI-identified threats and behaviors within the sandboxed environment.
The AI assistant’s private mode enables users to leverage AI-powered features like summarization, insights, and explanations without compromising the security of their sensitive information.
By operating in a private environment, the AI assistant ensures that user data remains confidential and protected from unauthorized access, which is particularly valuable for users who require a high level of data privacy while still benefiting from the advanced capabilities of AI technology.