Detonate File - FireEye AX
Detonate one or more files using the FireEye AX integration. This playbook returns relevant reports to the War Room and file reputations to the context data. The detonation supports the following file types - PE32, EXE, DLL, JAR, JS, PDF, DOC, DOCX, RTF, XLS, PPT, PPTX, XML, ZIP, VBN, SEP, XZ, GZ, BZ2, TAR, MHTML, SWF, LNK, URL, MSI, JTD, JTT, JTDC, JTTC, HWP, HWT, HWPX, BAT, HTA, PS1, VBS, WSF, JSE, VBE, CHM, JPG, JPEG, GIF, PNG, XLSX
FireEye (AX Series) · 9 tasks · 3 inputs · 14 outputs
Inputs
File— File object of the file to detonate.Interval— Polling frequency - how often the polling command should run (minutes)Timeout— How much time to wait before a timeout occurs (minutes)
Outputs
File.SHA256— SHA256 hash of the fileFile.Malicious— The File malicious descriptionFile.Type— File type e.g. "PE"File.Size— File sizeFile.MD5— MD5 hash of the fileFile.Name— FilenameFile.SHA1— SHA1 hash of the fileFile— The File objectFile.Malicious.Vendor— For malicious files, the vendor that made the decisionDBotScore— The DBotScore objectDBotScore.Indicator— The indicator we testedDBotScore.Type— The type of the indicatorDBotScore.Vendor— Vendor used to calculate the scoreDBotScore.Score— The actual score
Commands used
fe-submit
fe-submit-result