Detonate URL - CrowdStrike Deprecated
Deprecated. Use the cs-falcon-sandbox-submit-url command with polling=true instead.
CrowdStrike Falcon Sandbox · 8 tasks · 5 inputs · 14 outputs
Inputs
URL— URL to detonate.EnvironmentID— The environment ID to submit the file to. To get all IDs run the crowdstrike-get-environments command.Interval— Polling frequency - how often the polling command should run (minutes).Timeout— How much time to wait before a timeout occurs (minutes).dontThrowErrorOnFileDetonation— Should the playbook fail due to an unsupported file type? use true or false.
Outputs
File.SHA256— The SHA256 hash of the file.File.Malicious— The file malicious description.File.Type— File type, for example "PE".File.Size— The file size.File.MD5— The MD5 hash of the file.File.Name— The file name.File.SHA1— The SHA1 hash of the file.File— The file object.File.Malicious.Vendor— The vendor that decided the file was malicious.DBotScore— The DBotScore object.DBotScore.Indicator— The tested indicator.DBotScore.Type— The indicator type.DBotScore.Vendor— The vendor used to calculate the score.DBotScore.Score— The actual score.
Commands used
crowdstrike-scan
crowdstrike-submit-url