v2.8.0 - latest
🎯 FRIDAY UPDATE
We’ve just raised the bar for dynamic malware analysis — again.
Threat.Zone now supports files up to 3 GB for detonation, the highest limit among global sandboxes. Security teams in critical environments can finally analyze massive archives, installers, and virtual-disk images without size-related blind spots.
🚀 What’s New in This Release
Expanded File Support
Up to 3 GB file detonation — no more blind spots for large installers, archives, or disk images.
Deep Artifact Harvesting
Memory and file dumps from every run are now automatically processed and indexed for easier analysis.
Malware Config Extractor
Extract campaign IDs, C2 servers, and other runtime configs directly from both samples and artifacts.
YARA Rule Matcher & Generator
Instant rule matching against our internal rule set.
One-click custom YARA rule creation from any artifact.
IoC Extractor
Automatic extraction of domains, IPs, and hashes across samples, RAM, and dumped files.
Recursive Archive Handling
Submit ZIP/RAR files, and each embedded file is detonated separately—no need for manual unpacking.
Full REST API Coverage
Access indicators, YARA hits, artifacts, hybrid-analysis scores, and more via API—ready for SOAR, SIEM, or EDR pipelines.
Varist Hybrid Analyzer Integration
Enhanced hybrid analysis, combining static and dynamic insights for deeper threat visibility.
🎬 See It in Action
Multi-file archive demo → https://app.threat.zone/submission/5cf60a7e-9662-493f-b380-86f1b9969e67/overview
CryptoLocker sample with memory and file dumps → https://app.threat.zone/submission/2f8e01c0-140f-4e85-adbb-fa18bf1ae911/overview
We’re thrilled to help defenders eliminate size constraints and surface richer telemetry—enabling faster, more precise threat response. Got questions or feedback? Let’s talk!
🧠 Introducing ThreatZone MCP Server
We've published ThreatZone MCP—an MCP server that connects AI assistants directly with Threat.Zone's holistic malware analysis platform.
Key Capabilities:
Submit files for analysis from within AI tools.
Query results and reports using natural language.
Retrieve IOCs, behavioral data, threat intelligence, execution logs, and network traffic.
Generate automated threat assessment reports.
Search historical analysis data and trends.
📥 Getting Started
Clone the MCP server repo and dive in:
git clone https://github.com/threat-zone/threatzonemcp
📄 Ready for Production?
This release is packed with powerful upgrades aimed at empowering SOC, IR, and forensic teams. We recommend updating to v2.8.0 to take full advantage of:
Superior file size support
Enhanced telemetry and artifact processing
Seamless integration via REST API and MCP for AI‑driven workflows