{"id":5096,"date":"2023-05-31T05:30:42","date_gmt":"2023-05-31T05:30:42","guid":{"rendered":"\/cybersecurity-blog\/?p=5096"},"modified":"2025-06-26T09:51:00","modified_gmt":"2025-06-26T09:51:00","slug":"how-to-create-a-task","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/","title":{"rendered":"How to Create a Task in ANY.RUN:<br>a Step-by-Step Guide"},"content":{"rendered":"\n<p>&nbsp;Tasks in <a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=howtocreatetask&amp;utm_content=landing\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN sandbox<\/a> are like projects in GitHub. Every time you start an analysis of a suspicious object or link you create a new one. Follow these steps to get started.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Create a new task&nbsp;<\/h2>\n\n\n\n<p>First, let\u2019s open the configuration window. This is how we\u2019ll be able to set up our virtual machine and network options.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Click on the \u201cNew task\u201d button in the sidebar to get started.&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-1024x572.png\" alt=\"ANY.RUN service\" class=\"wp-image-5098\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-1024x572.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-300x168.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-768x429.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-1536x858.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-370x207.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-270x151.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4-740x413.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-4.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>This is accessible from your dashboard and when browsing public submissions. A&nbsp;modal window will pop up with options to set up the VM.&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nRegister <span class=\"highlight\">for free<\/span> and follow along\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/app.any.run\/?utm_source=anyrunblog&amp;utm_medium=article_ctabanner&amp;utm_campaign=howtocreatetask&amp;utm_content=register\" rel=\"noopener\" target=\"_blank\">\nCreate an account\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Choose the setup mode&nbsp;<\/h2>\n\n\n\n<p>There are a couple of ways to configure your virtual machine in the cloud.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A default mode, which is our &#8216;plug-and-play&#8217; option&nbsp;<\/li>\n\n\n\n<li>And a \u201cPro\u201d mode \u2014 this is the one you will likely use most of the time&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"946\" height=\"1014\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3.png\" alt=\"configure your virtual machine in ANY.RUN\" class=\"wp-image-5097\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3.png 946w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3-280x300.png 280w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3-768x823.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3-370x397.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3-270x289.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-3-740x793.png 740w\" sizes=\"(max-width: 946px) 100vw, 946px\" \/><\/figure>\n\n\n\n<p>In the default mode you can:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Upload a file \u2014 by choosing it from the filesystem or drag-and-dropping \u2014 or insert a link.&nbsp;<\/li>\n\n\n\n<li>Choose an operating system&nbsp;<\/li>\n\n\n\n<li>Specify the \u201cbitness\u201d&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>For our paid users, tasks will run with privacy setting set to \u201cprivate\u201d. This means that the result will not be saved in public submissions. And for our community plan users the default mode will be set to \u201cpublic\u201d.&nbsp;<\/p>\n\n\n\n<p>Switch to the pro mode to configure these and other settings.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Configure advanced settings&nbsp;<\/h2>\n\n\n\n<p>Flip the \u201cPro\u201d toggle to access advanced settings.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"848\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-1024x848.png\" alt=\"\" class=\"wp-image-6119\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-1024x848.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-300x249.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-768x636.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-1536x1273.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-370x307.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-270x224.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min-740x613.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/pro-mode-min.png 1762w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The first thing you\u2019ll probably notice after the window transforms is the \u201cNew VM video streaming\u201d toggle. It optimizes the VM to be responsive with a higher frame rate.&nbsp;&nbsp;<\/p>\n\n\n\n<p>You can use the dropdowns to choose the startup directory and, when analyzing links, a default web browser. You can select Chrome, Firefox, Opera, or Internet explorer.&nbsp;<\/p>\n\n\n\n<p>Then add a cmd command to customize the startup behavior \u2014 type your own or use a preset.&nbsp;<\/p>\n\n\n\n<p>The \u201cChange extension to valid\u201d option controls what happens when a file lacks an extension or comes with an invalid one. Set it to \u201con\u201d and it will edit the extension when necessary, so the file always runs.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"850\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-1024x850.png\" alt=\"\" class=\"wp-image-6120\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-1024x850.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-300x249.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-768x637.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-1536x1275.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-370x307.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-270x224.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min-740x614.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/sample-upload-min.png 1752w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Extend the time limit&nbsp;<\/h2>\n\n\n\n<p>Use the slider to set the execution time limit \u2014 it controls how long your VM stays alive and goes up to 20 minutes, depending on your plan.&nbsp;&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"842\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-1024x842.png\" alt=\"\" class=\"wp-image-6121\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-1024x842.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-300x247.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-768x631.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-1536x1262.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-370x304.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-270x222.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min-740x608.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/duration-min.png 1762w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Configure network settings&nbsp;<\/h2>\n\n\n\n<p>Network stream analysis will quickly become one of your most-used ANY.RUN features. Try experimenting with these options:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/any.run\/cybersecurity-blog\/mitm-proxy-fake-net\/\" target=\"_blank\" rel=\"noreferrer noopener\">MITM Proxy<\/a> intercepts the traffic coming in and out of the sandbox. Select it to analyze traffic that was HTTPS encrypted.&nbsp;&nbsp;<\/li>\n\n\n\n<li>Fake net mimics an internet environment without actually connecting to the web.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>For an extra layer of security, you can also choose to route traffic via TOR or a custom VPN configuration.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"847\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-1024x847.png\" alt=\"\" class=\"wp-image-6122\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-1024x847.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-300x248.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-768x635.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-1536x1271.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-370x306.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-270x223.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min-740x612.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/network-min.png 1762w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Set up the virtual machine&nbsp;<\/h2>\n\n\n\n<p>One of ANY.RUN\u2019s major pros is how rapidly you can analyze the same sample in a variety of machine configs.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Select the OS, from Windows from 7 through 11 \u2014 32-bit or 64-bit versions, or Linux \u2014 Ubuntu 22.04.2.<\/li>\n\n\n\n<li>Set the locale. This is useful for seeing how malware behaves with different language settings.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>You can also use the pre-installed <a href=\"https:\/\/any.run\/cybersecurity-blog\/pre-installed-dev-tools\/\" target=\"_blank\" rel=\"noreferrer noopener\">Development soft set<\/a>. It provides the VM with additional software you might need for analysis of complex threats, such as Python, x64bg, Wireshark PE, and more.\u00a0<\/p>\n\n\n\n<p>Activate Residential proxy to mask the IP address of the sandbox.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>By using a residential proxy, the virtual machine&#8217;s IP address will appear to be from the country you&#8217;ve chosen. This will make the malware&#8217;s C2 server perceive it as a typical user.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"841\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-1024x841.png\" alt=\"\" class=\"wp-image-6964\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-1024x841.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-300x247.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-768x631.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-370x304.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-270x222.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos-740x608.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/chooseos.png 1262w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Control the task privacy and save a preset&nbsp;<\/h2>\n\n\n\n<p>And finally, make sure to set the <a href=\"https:\/\/any.run\/cybersecurity-blog\/privacy\/\" target=\"_blank\" rel=\"noreferrer noopener\">privacy<\/a> settings before you hit the &#8220;Run\u201d button. Here you can control who has access to the task or set a self-delete timer.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"850\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-1024x850.png\" alt=\"\" class=\"wp-image-6126\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-1024x850.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-300x249.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-768x638.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-1536x1275.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-370x307.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-270x224.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min-740x614.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/privacy-min.png 1768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>You might find yourself using a similar configuration over and over again. If that\u2019s the case, there\u2019s a better way than configuring the VM manually every time. Save a preset and you\u2019ll be able to recall that VM config later.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Allow ChatGPT access<\/h2>\n\n\n\n<p>Enabling ChatGPT&#8217;s access to the task allows you to use AI-generated reports that summarize the entire task or concentrate on specific network, file, registry, and synchronization events.<\/p>\n\n\n\n<p>If you have concerns about data privacy, you may choose to disable this feature. Disabling it ensures that data related to the task won&#8217;t be sent to OpenAI as you generate ChatGPT reports. Similarly, ChatGPT reports can only be enabled for public tasks.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"849\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-1024x849.png\" alt=\"\" class=\"wp-image-6127\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-1024x849.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-300x249.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-768x637.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-1536x1273.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-370x307.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-270x224.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1-740x613.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/11\/chat-gpt-min-1.png 1764w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Starting a task<\/h2>\n\n\n\n<p>At this point, all that\u2019s left is to click \u201crun\u201d and see the VM fire up. You will be taken to a new window with the virtual machine video streaming. Almost immediately after initialization, you\u2019ll be able to interact with it \u2014 type, click on files, or open programs.&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"546\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-1024x546.png\" alt=\"VM in ANY.RUN\" class=\"wp-image-5106\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-1024x546.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-300x160.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-768x409.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-1536x819.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-370x197.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-270x144.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10-740x395.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2023\/05\/image-10.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>ANY.RUN will simultaneously record system activity. It will display processes spawned by the object in question in real time \u2014 and mark suspicious and malicious activity.&nbsp;<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>Check out the video guide in our YouTube:<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"How to start doing malware analysis? Run your first task on ANY.RUN\" width=\"770\" height=\"433\" src=\"https:\/\/www.youtube.com\/embed\/vc2zUcUX6BE?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>Did you find this overview useful? Let us know in the comments below. Want to read more content like this? Check out our <a href=\"https:\/\/any.run\/cybersecurity-blog\/how-to-use-anyrun\/\" target=\"_blank\" rel=\"noreferrer noopener\">full guide to using ANY.RUN<\/a>.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp;Tasks in ANY.RUN sandbox are like projects in GitHub. Every time you start an analysis of a suspicious object or link you create a new one. Follow these steps to get started.&nbsp; Create a new task&nbsp; First, let\u2019s open the configuration window. This is how we\u2019ll be able to set up our virtual machine and [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":5118,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[57,34],"class_list":["post-5096","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-instructions","tag-anyrun","tag-malware-analysis"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Create a Task in ANY.RUN:a Step-by-Step Guide<\/title>\n<meta name=\"description\" content=\"Follow the guide to get started in ANY.RUN. Run an analysis of a suspicious object or link and create a new task.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"How to Create a Task in ANY.RUN: a Step-by-Step Guide\",\"datePublished\":\"2023-05-31T05:30:42+00:00\",\"dateModified\":\"2025-06-26T09:51:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\"},\"wordCount\":924,\"commentCount\":3,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"malware analysis\"],\"articleSection\":[\"Instructions on ANY.RUN\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\",\"name\":\"How to Create a Task in ANY.RUN: a Step-by-Step Guide\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2023-05-31T05:30:42+00:00\",\"dateModified\":\"2025-06-26T09:51:00+00:00\",\"description\":\"Follow the guide to get started in ANY.RUN. Run an analysis of a suspicious object or link and create a new task.\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Instructions on ANY.RUN\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/instructions\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to Create a Task in ANY.RUN:a Step-by-Step Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Create a Task in ANY.RUN:a Step-by-Step Guide","description":"Follow the guide to get started in ANY.RUN. Run an analysis of a suspicious object or link and create a new task.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"How to Create a Task in ANY.RUN: a Step-by-Step Guide","datePublished":"2023-05-31T05:30:42+00:00","dateModified":"2025-06-26T09:51:00+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/"},"wordCount":924,"commentCount":3,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","malware analysis"],"articleSection":["Instructions on ANY.RUN"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/","url":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/","name":"How to Create a Task in ANY.RUN: a Step-by-Step Guide","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2023-05-31T05:30:42+00:00","dateModified":"2025-06-26T09:51:00+00:00","description":"Follow the guide to get started in ANY.RUN. Run an analysis of a suspicious object or link and create a new task.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/how-to-create-a-task\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Instructions on ANY.RUN","item":"https:\/\/any.run\/cybersecurity-blog\/category\/instructions\/"},{"@type":"ListItem","position":3,"name":"How to Create a Task in ANY.RUN:a Step-by-Step Guide"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5096"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=5096"}],"version-history":[{"count":13,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5096\/revisions"}],"predecessor-version":[{"id":14489,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/5096\/revisions\/14489"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/5118"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=5096"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=5096"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=5096"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}