Detonate file - CrowdStrike Falcon Sandbox v2
Detonates a File using CrowdStrike Falcon sandbox.
CrowdStrike Falcon Sandbox · 8 tasks · 2 inputs · 14 outputs
Inputs
File— The file object of the file to detonate.EnvironmentID— The environment ID where the file should be submitted. To retrieve all available IDs, please execute the crowdstrike-get-environments command.
Outputs
File.SHA256— The SHA256 hash of the file.File.Malicious— The file malicious description.File.Type— The file type, for example "PE".File.Size— The file size.File.MD5— The MD5 hash of the file.File.Name— The file name.File.SHA1— The SHA1 hash of the file.File— The file object.File.Malicious.Vendor— The vendor that decided the file was malicious.DBotScore— The DBotScore object.DBotScore.Indicator— The tested indicator.DBotScore.Type— The indicator type.DBotScore.Vendor— The vendor used to calculate the score.DBotScore.Score— The actual score.
Commands used
cs-falcon-sandbox-scan
cs-falcon-sandbox-submit-sample