PARTNER INTEGRATION

MalwareBazaar

MalwareBazaar is a project operated by abuse.ch. The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protect their constituency and customers from cyber threats.

Integrated Dataminr Products
Agentic Threat Intelligence Platform
Investigation Insights

MalwareBazaar with Investigation Insights

The Investigation Insights – MalwareBazaar integration enables analysts to quickly search over 600k community-submitted hashes. This helps analysts better understand a hash and gives them immediate awareness that the hash is malware due to its presence in the platform.

Examples

MalwareBazaar Data Overview

  • Summary Tags: When an analyst runs a search in MalwareBazaar, they can quickly tell the file type of the hash.
  • Additional Details: When clicking into the details of the hash, analysts are presented with additional context. They can quickly see the file name, how it is typically delivered, its file size, and when it was first seen. If analysts need more context, they can pivot back out to MalwareBazaar.
  • Community Comments: Analysts can not only view the additional details about the hash but also see what the community is observing with the hash, enabling even more insights.
  • Tags: Finally, analysts can also quickly see the tags associated with the hash.

MalwareBazaar

With this Playbook app, you can automatically detonate, analyze, and submit files in MalwareBazaar from Dataminr to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more efficient remediation of malicious files through automation.

The following actions are available within the Playbook App:

  • Submit File
  • Get File Enrichment
  • Advanced Request

This app can be found in the Dataminr App Catalog under the name: MalwareBazaar
