any.run
2606:4700:10::6816:304a  Public Scan

Submitted URL: https://amo.to/K/KX5170/KWJ4PA
Effective URL: https://any.run/threat-intelligence-lookup/
Submission: On January 17 via manual from RO — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Threat Intelligence Lookup closed beta


IDENTIFY THREATS WITH LINKED INDICATORS


 * Searchable database of linked IOCs
 * Lookup by any event, field, or indicator
 * Real-world malware examples
 * Interactive matrix of popular TTPs
 * Real-time map of C2 locations
 * Web interface and RESTful API



WHAT IS THREAT INTELLIGENCE LOOKUP?

Threat Intelligence Lookup lets you query IOCs against a large database of tasks
processed in ANY.RUN sandbox.

It provides context and actionable insights on events, IP addresses, domains,
file hashes, URLs, and more, allowing you to quickly evaluate the risk of IOCs
during incident response or threat hunting.


EFFICIENTLY FIND THREATS WITH OUR DETAILED LOOKUP ENGINE



Perform detailed searches to add context to indicators and find linked threats.
Use a range of fields and conditions to refine your results.

 * Query by any specific field, from system-related indicators to network
   signatures
 * Combine conditions using the AND conjunction
 * Type or paste your search criteria or select from a predefined list


EXAMINE CONNECTED INDICATORS AND MALWARE SAMPLES FROM SEARCH RESULTS



Use linked data from search results to understand how individual indicators or
events tie to known threats. Each TI Lookup search shows linked:

 * Domains
 * URLs
 * Events
 * Files
 * Tasks
 * And more




LOOK UP THREATS BY ANY INDICATOR OR EVENT AND PERFORM WILDCARD SEARCHES



Use any suspicious indicator found in your system to find contextual threat
information and identify threats. You can perform wildcard searches by:

 * Malware names
 * Events
 * Domains
 * IPs
 * URLs
 * TTPs
 * Registry fields 
 * Hashes
 * Files
 * Process fields
 * Suricata/Behaviour rules 
 * And more


TRACK POPULAR TTPS, MALWARE FAMILIES AND SURICATA DETECTIONS



Get a better understanding of popular Tactics, Techniques, and Procedures.

 * Find TTPs by any field, event or indicator.
 * Better understand TTPs with real malware examples and see the risk level of
   each TTP.
 * View which malware families are gaining popularity at a glance
 * Get information on the most frequent Suricata rule detections




LOOK UP C2 LOCATIONS



Geolocate threats using a live map of known C2 origins

 * See malware families connected to known C2s
 * Find example tasks involving those threats
 * Filter results by country or family


TRACK POPULARITY OF INDIVIDUAL MALWARE FAMILIES



View real-time malware trends to adjust your security measures against likely
threats.

 * Monitor how the popularity of specific malware changes over time
 * Extract fresh IOCs for prevalent malware families with ease
 * See which countries report the most instances of each malware family




LEARN MORE ABOUT IDENTIFIED MALWARE FAMILIES



Learn more about individual malware families, track their popularity, and easily
find the most recent IOCs and samples.

 * See the popularity of each threat over time
 * Collect associated hashes, IPs, domains, and URLs
 * Learn about execution patterns and distribution methods for each malware


A RICH DATASOURCE OF NEW MALWARE SAMPLES

The information about recent threats comes from ANY.RUN’s interactive sandbox,
trusted by over 400,000 analysts, SOC and DFIR team professionals.

 * 50+ million samples in the database
 * 14k new daily submissions
 * Only pre-processed, cleaned data makes it into our lookup service


BENEFITS OF TI LOOKUP FOR YOUR BUSINESS


 * Get a clearer view of adversaries' intent, capabilities, and targets and
   quickly identify the threat you are dealing with
 * Quickly link objects you are investigating to threats. Improve triage and
   prioritize alerts that need to be investigated or escalated using linked
   indicators
 * Learn more about threat behaviour with real examples by instantly accessing
   dynamic analysis of identified threats


Contact us
Threat submissions and samples
newvirus@any.run
Support, sales and trial inquiries
support@any.run
Public relations and partnerships
pr@any.run

© 2024 ANY.RUN All rights reserved.
