Advanced Malware Traffic Analysis

With the new Advanced Malware Traffic Analysis feature, you will be able to access incredible amount of data regarding the malwares’ network related actions. You can access this feature after you go to the Dynamic Scan report, network tab.

You can now inspect the packets within the Dynamic Scan VM and apply filters. For guidance on filtering, check out the filtering guide here: Wireshark Filtering Guide

‍

Hunting Module | YARA Rule Generator

While developing Threat.Zone, we have focused on both preemptive measures and post-incident responses. Alongside our detailed submission page for gathering submission details, we have also introduced a new module called "Hunting.”

In the Hunting module, we began development with the YARA Generator Engine. Now, for every submission sent to Threat.Zone, a YARA Rule will be automatically generated.

This allows you to view YARA Rule generated for the sample and download it!

‍

Network Configurations | Proxy, OpenVPN and Wireguard

Malware often checks the victim's region, utilizing this information in diverse ways. With the new Network Configuration page on Threat.Zone, you now have the freedom to use Proxy or VPN configuration you prefer in your Dynamic Analysis.

Once you click on the configurations tab, you can view your existing network configurations and create new ones. We provide three options for changing the network configuration for your analysis VM, Proxy OpenVPN and Wireguard.

Once you've created a configuration, when you start a new scan process, you'll find your created network configurations at the bottom. Upon selection and submission, your interactive VM will utilize this configuration for its network settings.

‍

Static Scan Improvements | YARA Match & Strings

We've made significant enhancements to the scoring capabilities of Threat.Zone's Static Scan. By refining the YARA rules, we've seen a remarkable increase in scoring accuracy and matching capabilities.

Additionally, when you submit samples to Threat.Zone's Static Scan, you'll now notice that your submission is tagged with possible malware families and types.

These updates are designed to equip you with amazing tools and insights to enhance your threat analysis endeavors. We remain dedicated to continually improving Threat.Zone to better address your security requirements. If you haven't registered yet, you can do so here.