CrowdStrike Falcon Sandbox - Detonate file Deprecated
Deprecated. Use the cs-falcon-sandbox-submit-file command with polling=true instead.
CrowdStrike Falcon Sandbox · 9 tasks · 4 inputs · 14 outputs
Inputs
File— The file object of the file to detonate.EnvironmentID— The environment ID to submit the file to. To get all IDs run the crowdstrike-get-environments command.Interval— Polling frequency - how often the polling command should run (minutes).Timeout— How much time to wait before a timeout occurs (minutes).
Outputs
File.SHA256— The SHA256 hash of the file.File.Malicious— The file malicious description.File.Type— The file type, for example "PE".File.Size— The file size.File.MD5— The MD5 hash of the file.File.Name— The file name.File.SHA1— The SHA1 hash of the file.File— The file object.File.Malicious.Vendor— The vendor that decided the file was malicious.DBotScore— The DBotScore object.DBotScore.Indicator— The tested indicator.DBotScore.Type— The indicator type.DBotScore.Vendor— The vendor used to calculate the score.DBotScore.Score— The actual score.
Commands used
crowdstrike-scan
crowdstrike-submit-sample