Script sample support has
been expanded to include perl scripts. As with all other currently
supported script file types (JScript [.js], VBScript [.vbs], PowerShell
Script [.ps1], batch [.bat], and shell script files, the WildFire
public cloud can now analyze and classify perl scripts files with
verdicts using static and dynamic analysis. When a malicious perl
script is discovered, the WildFire cloud generates and distributes
C2 and DNS signatures to firewalls to prevent successful attacks.
To ensure that you are protected from the latest threats, always
keep your firewalls up-to-date with the latest content and software
updates from Palo Alto Networks.
Firewall forwarding
of perl scripts is not currently supported; it will become available
in an upcoming PAN-OS content release.
The WildFire appliance does not support perl script analysis
at this time.
You can submit script files
directly to the WildFire public cloud for analysis from the WildFire
portal as well as the WildFire API:
Manually submit script
files to the WildFire public cloud for analysis. You can then view
the WildFire sample analysis report and verdict (malicious, grayware
or benign) on the WildFire portal.
Use the WildFire API to
submit files to the WildFire public cloud. You can use the WildFire
API to
retrieve verdicts and
analysis reports for the files. You can also specify script as the
target analysis environment when you
retrieve a packet capture through
the WildFire API.
