Detonate URL - ThreatGrid Deprecated
Deprecated. Use Detonate URL - ThreatGrid v2 instead.
Cisco Secure Malware Analytics · 7 tasks · 9 inputs · 16 outputs
Inputs
URL— URL of the sites to detonate.FileName— Name of the file to detonate.VM— The VM to use (string)Playbook— Name of the Threat Grid playbook to apply to this sample runPrivate— The sample is marked private if this is present, and set to any value other than false. privateSource— a string used for identifying the source of the detonation (user defined)Tags— A comma-separated list of tags applied to the sample.Interval— Polling frequency - how often the polling command should run (minutes)Timeout— How much time to wait before a timeout occurs (minutes)
Outputs
File.SHA256— SHA256 hash of the fileFile.Malicious— The File malicious descriptionFile.Type— File type e.g. "PE"File.Size— File sizeFile.MD5— MD5 hash of the fileFile.Name— FilenameFile.SHA1— SHA1 hash of the fileFile— The File objectFile.Malicious.Vendor— For malicious files, the vendor that made the decisionDBotScore— The DBotScore objectDBotScore.Indicator— The indicator we testedDBotScore.Type— The type of the indicatorDBotScore.Vendor— Vendor used to calculate the scoreDBotScore.Score— The actual scoreThreatGrid.Sample.State— The sample stateThreatGrid.Sample.ID— The sample ID
Commands used
threat-grid-get-samples-state
threat-grid-upload-sample
threat-grid-url-to-file