Here is How We Improved ANY.RUN's Threat Coverage in September

September has been a productive month at #ANYRUN, packed with exciting new features and improvements. We’ve launched?Safebrowsing, a powerful tool that lets you safely check suspicious URLs in an isolated browser.?

?? Try Safebrowsing — available now for all #ANYRUN users!

We’ve focused on enhancing detection tools and improving your experience. With the release of new signatures and YARA rules, you can now strengthen your security even further. Let’s dive into the details!

?? Network Detections Update??

In September, we added?459 new Suricata rules, of which?382 are dedicated to phishing detection.???

This significant increase comes from closely monitoring the activity of threat actor?Storm-1575 , leading to the identification of two primary tools currently used by this group.??

? ?? Read our recent Storm-1575 phishkit comparison

?? New Signatures??

9 new signatures have been integrated:???

• Stealc ?signature for mutex detection??

• Razr ?signature for .raz file extension??

• SFX ?Dropper?signature ??

• Alucard ?ransomware ??

• Tgbdownloader ?adware ??

• Xmrig ?mutex and file drop detection??

• Hawkeye ?ransomware detection ??

• Scheduled task creation via?Registry ???

• EFI ?boot file modification?

?? YARA Rules Update??

We’ve added? 5 new YARA rules?to detect various malware threats:??

• Megatools ?downloader ??

• Goldeneye ?ransomware ??

• Diablonet ?detection??

• Pown ?ransomware ??

• AutoIT ?scripts detection

Additionally, we’ve updated the YARA rule for?Lumma , enhancing the detection mechanism for this threat.???

With #ANYRUN you can:??

• Detect malware in seconds?

• Interact with samples in real time?

• Save time and money on sandbox setup and maintenance?

• Record and study all aspects of malware behavior?

• Collaborate with your team

Request free trial of ANY.RUN ’s products → ?