Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

CrowdStrike Adds Malware Search Engine to ‘Hybrid Analysis’

Endpoint security firm CrowdStrike on Tuesday announced that new search capabilities have been added to the company’s Hybrid Analysis service.

Endpoint security firm CrowdStrike on Tuesday announced that new search capabilities have been added to the company’s Hybrid Analysis service.

Hybrid Analysis is a free malware analysis service owned by CrowdStrike since November 2017, when it acquired Payload Security, the firm that originally developed the automated malware analysis sandbox technology.

Hybrid Analysis leverages CrowdStrike’s Falcon Sandbox, a malware analysis framework that the company claims has been used worldwide by many security operations centers, CERTs, cyber forensics labs, researchers and threat intelligence services.

Starting with August 21, Hybrid Analysis also includes malware search features powered by CrowdStrike’s Falcon MalQuery, a proprietary cloud-based malware research tool that allows industry professionals to quickly and efficiently search a massive collection of samples.

The addition of Falcon MalQuery to Hybrid Analysis allows users to quickly scan through petabytes of threat data based on YARA rules or string/binary patterns. Each search can be refined based on certain criteria, such as the type, date and size of the file.

CrowdStrike adds Falcon MalQuery to Hybrid Analysis

According to the security firm, running a scan takes only minutes instead of hours, and search results can be downloaded and shared.

CrowdStrike has described the addition of Falcon MalQuery to Hybrid Analysis as donating the tool to the community.

The company has published a blog post that briefly explains how the new search capabilities work.

Related: CrowdStrike Unveils New Endpoint Protection, Threat Analysis Solutions

Related: CrowdStrike Raises $200 Million at $3 Billion Valuation

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Fortinet warned of three malicious PyPI packages containing code that fetches the Wacatac trojan and information stealer.

Cybercrime

The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...