Tuesday, November 12, 2024
HomeCyber Security NewsVirusTotal AI code Analysis Expanded to Spot Malicious Windows, and Linux Script...

VirusTotal AI code Analysis Expanded to Spot Malicious Windows, and Linux Script Files

Published on

Malware protection

In April 2023, Google announced VirusTotal Code Insight to improve the capacity of its malware detection and analysis platform. This week, Google released an enhanced version of VirusTotal Code Insight, including support for more scripting languages.

Code Insight is an AI-based code analysis feature powered by the Google Cloud Security AI Workbench that uses the Sec-PaLM large language model (LLM) tailored for security use cases.

“Code Insight has broadened its support for script formats, moving beyond PowerShell to offer analysis for various scripting languages,” VirusTotal founder Bernardo Quintero said.

- Advertisement - SIEM as a Service

Updates to VT Code Insight

Code Insight, which was once limited to analyzing a subset of PowerShell files, can currently detect malicious Batch (BAT), Command Prompt (CMD), Shell (SH), and VBScript (VBS) scripts.

The maximum file size limit for files handled by Code Insight has been doubled, allowing for an analysis of larger files.

Further, the model provides more brief and concentrated high-level explanations, emphasizing code behavior.

The user interface has been modified to display only the initial sentences of the report by default, with the option for users to expand the report as needed, preventing lengthy reports from overpowering the default view.

ESXiArgs sample analysis by VirusTotal Code Insight

The functionality is currently in active development and should be regarded as beta. In the upcoming months, VirusTotal intends to enhance it by supporting more file formats, bigger file sizes, and the analysis of executable file types like.exe.

For example, the team intends to provide the study with more context by granting the AI access to “any metadata related to the URLs and files linked in the code snippet.”

Security researchers and other users can utilize Code Insight to analyze the behavior of scripts, making it an intriguing feature. Its use will increase when the service is expanded to support more file types, particularly executable files.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...