Intezer v2
Malware detection and analysis based on code reuse.
Forensics & Malware Analysis · Intezer
Configuration parameters
APIKey— API Key (required)AnalyzeBaseURL— Intezer Analyze Base URLproxy— Use system proxy settingsinsecure— Trust any certificate (not secure)
Commands (16)
-
intezer-analyze-by-fileChecks file reputation for uploaded file (up to 150MB).
-
intezer-analyze-by-hashChecks file reputation of the given hash, supports SHA256, SHA1 and MD5.
-
intezer-analyze-urlChecks reputation of an Url.
-
intezer-get-alert-resultGet an ingested alert triage and response information using alert ID.
-
intezer-get-analysis-code-reuseGet All code reuse report for an analysis. To get a sub analysis code-reuse you need to specify an analysis_id and a sub_analysis id!.
-
intezer-get-analysis-iocsGets the list of network and files IOCs of a specific analysis id.
-
intezer-get-analysis-metadataGet analysis metadata. To get a sub analysis metadata you need to specify an analysis_id and a sub_analysis id!.
-
intezer-get-analysis-resultCheck the analysis status and get analysis result, support file and endpoint analysis.
-
intezer-get-endpoint-analysis-resultReturns the analysis result.
-
intezer-get-family-infoGet family information from Intezer Analyze.
-
intezer-get-file-analysis-resultReturns the analysis result.
-
intezer-get-latest-reportChecks file reputation of the given hash, supports SHA256, SHA1 and MD5 by looking at the latest available report.
-
intezer-get-sub-analysesGet a list of the analysis sub analyses.
-
intezer-get-url-analysis-resultReturns the analysis result.
-
intezer-submit-alertSubmit a new alert, including the raw alert information, to Intezer for processing.
-
intezer-submit-suspected-phishing-emailSubmit a suspicious phishing email in a raw format (.MSG or .EML) to Intezer for processing.