Detonate URL - Symantec Blue Coat Content and Malware Analysis Beta
Detonates a File using the Symantec Blue Coat Content and Malware Analysis. Advanced Threat Defense supports the following File Types: Microsoft (2003 and earlier) doc, dot, xls, csv, xlt, xlm, ppt, pot, pps Microsoft (2007 and later): docx, docm, dotx, dotm, dotm, xlsx, xlsm, xltx, xltm, xlsb, xla, xlam, iqy, pptx, pptm, potx, ppsx, xml Other: pe32, rtf, pdf, vbs, vbe, ps1, js, lnk, html, bat
Symantec Blue Coat Content and Malware Analysis (Beta) · 6 tasks · 2 inputs · 23 outputs
Inputs
URL— The URL to detonate.Timeout— How much time to wait before a timeout occurs (seconds).
Outputs
DBotScore.Vendor— The name of the vendor.DBotScore.Indicator— The indicator of the score.DBotScore.Type— The type for the score. For example, Email.DBotScore.Score— The actual score.DBotScore.Malicious.Vendor— The name of the vendor.DBotScore.Malicious.Detections— The sub analysis detection statuses.DBotScore.Malicious.SHA1— The SHA1 of the file.InfoFile.Name— The name of the file.InfoFile.EntryID— The entry ID of the report.InfoFile.Size— The size of the file.InfoFile.Type— The type of the file. For example, "PE".InfoFile.Info— Basic information of the file.InfoFile.Extension— The extension of the file.File.Size— The size of the file.File.SHA1— The SHA1 hash of the file.File.SHA256— The SHA256 hash of the file.File.Name— The name of the sample file.File.SSDeep— The SSDeep hash of the file.File.EntryID— The War Room entry ID of the file.File.Info— Basic information of the file.File.Type— The type of the file. For example, "PE".File MD5— The MD5 hash of the file.File.Extension— The extension of the file.
Commands used
symantec-cma-get-report
symantec-cma-upload-url