Do I need an ANY.RUN account to use this skill?

Yes, you need a valid ANY.RUN account (free community tier or paid subscription) to access the sandbox environment and its associated API features.

Does this skill support API automation?

Yes, the skill provides specific workflows and curl commands for programmatic sample submission, status tracking, and automated report retrieval via the ANY.RUN API.

ANY.RUN is an interactive cloud-based malware sandbox that allows security researchers to watch and interact with tasks in real-time to observe execution behavior.

Can I use this skill for sensitive or private files?

For highly sensitive samples that cannot be uploaded to the cloud, on-premises sandboxes are recommended. This skill is specifically designed for the ANY.RUN cloud service.

How does this help with advanced persistent threats (APTs)?

It allows for residential proxy usage and interactive navigation to bypass geo-blocking and anti-evasion techniques often employed by sophisticated malware families.

ANY.RUN Malware Analysis

Name: ANY.RUN Malware Analysis
Author: micsapp

bymicsapp

0•

Security & Testing

Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution behavior and capture indicators of compromise.

This skill empowers security analysts to leverage the ANY.RUN interactive sandbox for deep malware inspection directly within their workflow. It provides structured guidance for configuring virtual environments, interacting with samples to bypass anti-sandbox checks (like clicking 'Enable Content'), analyzing complex process trees, and extracting critical network IOCs. This is particularly useful for researchers needing rapid cloud-based detonation where human-like interaction is required to trigger malicious behavior and map results to the MITRE ATT&CK framework.

Key Features

01API-driven submission and automated report generation

020 GitHub stars

03Decrypted HTTPS and network traffic inspection

04Interactive cloud sandbox environment configuration

05Automated MITRE ATT&CK technique mapping

06Real-time process tree and behavioral analysis

Use Cases

01Identifying Command and Control (C2) infrastructure via real-time network captures

02Investigating multi-stage malware execution chains and process injection

03Analyzing phishing documents that require manual interaction to trigger macros

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills performing-dynamic-analysis-with-any-run

For use in Claude.ai and ChatGPT

Key Features

01API-driven submission and automated report generation

020 GitHub stars

03Decrypted HTTPS and network traffic inspection

04Interactive cloud sandbox environment configuration

05Automated MITRE ATT&CK technique mapping

06Real-time process tree and behavioral analysis

Use Cases

01Identifying Command and Control (C2) infrastructure via real-time network captures

02Investigating multi-stage malware execution chains and process injection

03Analyzing phishing documents that require manual interaction to trigger macros

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills performing-dynamic-analysis-with-any-run

For use in Claude.ai and ChatGPT