New Threat Intel Features in Intezer Analyze

October 21, 2020

Intezer

We’ve made some updates in Intezer Analyze to improve your incident response and threat intelligence workflows. From classifying samples faster to staying current on emerging malware families, check out the latest features below.

1. NEW Track Malware Families

Part of an effective threat intel program involves staying current on malware families such as Lazarus, Emotet, and TrickBot. Click Track this threat for any malware family to get updates on new samples spotted in the wild through code reuse.

Start tracking

Search directly from the home page for insights on a malware family

2. Trending Malware Families and Top Community Uploads

See trending malware families and top community uploads on the home page. Despite a major takedown attempt from Microsoft, TrickBot remains an active threat. Here is a recent low-detected TrickBot sample that shares 80% of its code with previous versions.

Visit the home page

3. NEW Chrome Extension

Classifying your SHA256, MD5 or SHA1 is just a right-click away! The Chrome extension for Intezer Analyze streamlines the Search Hash process allowing you to identify threats faster with a simple click from any Chrome webpage.

If you come across IOCs when reading a blog you can quickly submit them for Genetic Analysis to see what code they copied from previous malware. You can also try running low-detected or generic files from VirusTotal with Intezer Analyze to get an exact classification. We’ll tell you if the threat is Emotet rather than just Trojan.Generic.

1. Add the Chrome Extension for Intezer Analyze.
2. Highlight a hash on any Chrome webpage.
3. Right-click and select “Analyze with Intezer” or paste the hash in the extension.

Get the extension

Emotet Evolves but Code Remains Mostly the Same

4. Notification on Updated Classification

Our Genome Database is updated daily with the latest code from trusted applications and malware. New code introduced to the system from our community users and data team keeps you current with rapidly evolving threats.

We are now providing a weekly summary to notify you of changes in classifications since their initial analysis. In the case where a previously unknown malware is identified, or a general malware is classified to a specific malware family, this can prove valuable.

5. Malicious Library

Malicious genes that don’t belong to a specific family are now classified as Malicious Library. This label reorganizes the analysis reports and makes prioritizing your response to threats easier.

We welcome your feedback on these features!

Community users can classify up to 10 files daily for free. For more advanced features, check out our enterprise plans.

Intezer

Count on Intezer Forensic AI SOC to triage, investigate and respond to every alert at unmatched speed and accuracy.

Share this article

Recommended Blogs

Blog

8MIN READ

Alert fatigue is costing you: Why your SOC misses 1% of real threats

Our 2026 AI SOC Report, based on the analysis of more than 25M security alerts across live enterprise environments, reveals a critical disconnect between how security teams prioritize alerts and where real threats actually originate.