{"id":9013,"date":"2024-10-01T11:34:17","date_gmt":"2024-10-01T11:34:17","guid":{"rendered":"\/cybersecurity-blog\/?p=9013"},"modified":"2024-10-01T11:34:17","modified_gmt":"2024-10-01T11:34:17","slug":"how-to-collect-iocs-in-sandbox","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/how-to-collect-iocs-in-sandbox\/","title":{"rendered":"How to Collect Indicators of Compromise
in the ANY.RUN Sandbox"},"content":{"rendered":"\n

Gathering Indicators of Compromise (IOCs)<\/a> is key to identifying and responding to threats. IOCs are pieces of forensic data that point to potential malicious activity, helping you detect, investigate, and prevent cyberattacks. <\/p>\n\n\n\n

With ANY.RUN<\/a>, you can collect a wide variety of IOCs, giving you a complete picture of any threat.\u00a0<\/p>\n\n\n\n

Let\u2019s dive into the types of IOCs you can collect in ANY.RUN\u2019s Interactive Sandbox and where to find them.\u00a0<\/p>\n\n\n\n

File System Indicators <\/h2>\n\n\n\n

Main Objects<\/strong> <\/h3>\n\n\n\n

The Main Object is one of the most critical components when analyzing malware inside the ANY.RUN sandbox. This refers to the primary file that was loaded for analysis.\u00a0<\/p>\n\n\n\n

Once you’ve initiated a sandbox analysis session<\/a>, simply click on the file name located in the upper-right corner of the screen.  <\/p>\n\n\n

\n
\"\"
File name displayed inside ANY.RUN sandbox<\/em> <\/figcaption><\/figure><\/div>\n\n\n

This action will give you quick access to the Main Object IOCs, which include basic details such as file paths, hashes, and more. \u00a0<\/p>\n\n\n

\n
\"\"
Main Objects IOCs inside ANY.RUN sandbox analysis<\/em><\/figcaption><\/figure><\/div>\n\n\n\n
\n\n

\nAnalyze and collect IOCs of malware and phishing<\/span> threats
in the ANY.RUN sandbox  \n<\/p>\n\n\nStart your first analysis\n<\/a>\n<\/div>\n\n\n\n