# v2.8.0 - latest

## 🎯 **FRIDAY UPDATE**

We’ve just raised the bar for dynamic malware analysis — again.

Threat.Zone now supports files up to **3 GB** for detonation, the highest limit among global sandboxes. Security teams in critical environments can finally analyze massive archives, installers, and virtual-disk images without size-related blind spots.

***

### 🚀 What’s New in This Release

#### **Expanded File Support**

* **Up to 3 GB file detonation** — no more blind spots for large installers, archives, or disk images.

#### **Deep Artifact Harvesting**

* Memory and file dumps from every run are now automatically processed and indexed for easier analysis.

#### **Malware Config Extractor**

* Extract campaign IDs, C2 servers, and other runtime configs directly from both samples and artifacts.

#### **YARA Rule Matcher & Generator**

* **Instant rule matching** against our internal ruleset.
* **One-click custom YARA rule creation** from any artifact.

#### **IoC Extractor**

* Automatic extraction of domains, IPs, and hashes across samples, RAM, and dumped files.

#### **Recursive Archive Handling**

* Submit ZIP/RAR files, and each embedded file is detonated separately—no need for manual unpacking.

#### **Full REST API Coverage**

* Access indicators, YARA hits, artifacts, hybrid-analysis scores, and more via API—ready for SOAR, SIEM, or EDR pipelines.

#### **Varist Hybrid Analyzer Integration**

* Enhanced hybrid analysis, combining static and dynamic insights for deeper threat visibility.

***

### 🎬 See It in Action

* **Multi-file archive demo** → <https://app.threat.zone/submission/5cf60a7e-9662-493f-b380-86f1b9969e67/overview>
* **CryptoLocker sample with memory and file dumps** → <https://app.threat.zone/submission/2f8e01c0-140f-4e85-adbb-fa18bf1ae911/overview>

***

We’re thrilled to help defenders eliminate size constraints and surface richer telemetry—enabling faster, more precise threat response. Got questions or feedback? Let’s talk!

***

### 🧠 Introducing ThreatZone MCP Server

We've published **ThreatZone MCP**—an MCP server that connects AI assistants directly with Threat.Zone's holistic malware analysis platform.

#### Key Capabilities:

* **Submit files** for analysis from within AI tools.
* **Query results and reports** using natural language.
* **Retrieve IOCs**, behavioral data, threat intelligence, execution logs, and network traffic.
* **Generate automated threat assessment reports.**
* **Search historical analysis data and trends.**

***

### 📥 Getting Started

Clone the MCP server repo and dive in:

```bash
git clone https://github.com/threat-zone/threatzonemcp
```

***

### 📄 Ready for Production?

This release is packed with powerful upgrades aimed at empowering SOC, IR, and forensic teams. We recommend updating to v2.8.0 to take full advantage of:

* Superior file size support
* Enhanced telemetry and artifact processing
* Seamless integration via REST API and MCP for AI‑driven workflows


