Perl Script Analysis

Script sample support has been expanded to include perl scripts. As with all other currently supported script file types (JScript [.js], VBScript [.vbs], PowerShell Script [.ps1], batch [.bat], and shell script files, the WildFire public cloud can now analyze and classify perl scripts files with verdicts using static and dynamic analysis. When a malicious perl script is discovered, the WildFire cloud generates and distributes C2 and DNS signatures to firewalls to prevent successful attacks. To ensure that you are protected from the latest threats, always keep your firewalls up-to-date with the latest content and software updates from Palo Alto Networks.
  • Firewall forwarding of perl scripts is not currently supported; it will become available in an upcoming PAN-OS content release.
  • The WildFire appliance does not support perl script analysis at this time.
You can submit script files directly to the WildFire public cloud for analysis from the WildFire portal as well as the WildFire API:
  1. Manually submit script files to the WildFire public cloud for analysis. You can then view the WildFire sample analysis report and verdict (malicious, grayware or benign) on the WildFire portal.
  2. Use the WildFire API to submit files to the WildFire public cloud. You can use the WildFire API to retrieve verdicts and analysis reports for the files. You can also specify script as the target analysis environment when you retrieve a packet capture through the WildFire API.

Related Documentation