Now, it is not enough to run the file on the testing system to be sure in its safety.
For some types of malware or vulnerabilities (e.g APT), direct human interaction is required.
ANY.RUN allows you to interactively watch the research process and make adjustments when needed, just as
you would do it on a real system, rather than relying on automated sandbox.
Executible file was dropped
The service shows many aspects of testing,
such as creating new processes, file and
registry activity, network requests and much
more in the real-time. It allows you to make
conclusions during the task execution, not
waiting for the final report.
A community consisting of a large number of researchers from different countries allows to collect and
analyze attacks at the moment of their appearance,
revealing the IOC at the initial stage. The data can be accessed through public submissions surfing and
also by downloading it in specialized formats.
Easy to share
The report contains important parts of the analysis, like video, screenshots, as
well as all the data
accumulated during the task execution. There is an ability for a team work in a single desktop mode or
a real-time presentation for several people.