ANY.RUN

This app enables you to detonate files and URLs, and perform investigative actions, using the ANY.RUN interactive online malware sandbox service, thereby giving you automated analysis and advanced threat detection through an agentless sandbox

Supported Actions

• test connectivity: Validate the asset configuration for connectivity using supplied configuration
• get analysis verdict: Get the verdict of a specific analysis
• url reputation: Get reports of a specific URL analysis
• file reputation: Get reports of a specific file analysis by that file's hash
• domain reputation: Get reports of analyses, that involve specific domain
• ip reputation: Get reports of analyses, that involve specific IP
• get report: Get report for a submission
• get report stix: Get report for a submission in STIX format
• get report misp: Get report for a submission in MISP format
• get report html: Get report for a submission in HTML format
• get iocs: Get list of IoCs for a submission
• detonate url windows: Detonate a URL
• detonate url linux: Detonate a URL on Linux
• detonate url android: Detonate a URL on Android
• detonate file windows: Detonate a file from Vault
• detonate file linux: Detonate a file from Vault
• detonate file android: Detonate a file from Vault
• get intelligence: Threat Intelligence IoC Lookup
• delete submission: Delete a submission
• download pcap: Download a pcap file