Threat Intelligence Lookup lets you query IOCs against a large database of tasks processed in the ANY.RUN sandbox.
It provides context and actionable insights on events, IP addresses, domains, file hashes, URLs, and more, allowing you to quickly evaluate the risk of IOCs during incident response or threat hunting.
Perform detailed searches to add context to indicators and find linked threats. Use a range of fields and conditions to refine your results.
Use linked data from search results to understand how individual indicators or events tie to known threats. Each TI Lookup search shows linked:
Use any suspicious indicator found in your system to find contextual threat information and identify threats. You perform wildcard searches by:
Get a better understanding of popular Tactics, Techniques, and Procedures.
Geolocate threats using a live map of known C2 origins.
View real-time malware trends to adjust your security measures against likely threats.
Learn more about individual malware families, track their popularity, and easily find the most recent IOCs and samples.
The information about recent threats comes from ANY.RUN’s interactive sandbox, trusted by over 400,000 analysts, SOC and DFIR team professionals.