Intezer - Analyze Uploaded file

Uploads a file to Intezer Analyze to analyze and enrich the file reputation. (up to 32mb)

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • GenericPolling

Integrations

  • Intezer v2

Scripts

This playbook does not use any scripts.

Commands

  • intezer-get-analysis-result
  • intezer-analyze-by-file

Playbook Inputs


NameDescriptionDefault ValueSourceRequired
FileThe file object of the file to detonate.EntryIDFileOptional
IntervalHow often the polling command should run (in minutes).1-Required
TimeoutThe amount of time to wait before a timeout occurs (in minutes).30-Required

Playbook Outputs


PathDescriptionType
File.SHA256The SHA256 hash of the file.string
File.MaliciousThe description of the malicious file.unknown
File.TypeThe file type. For example, "PE".string
File.SizeThe file size.number
File.MD5The MD5 hash of the file.string
File.NameThe file name.string
File.SHA1The SHA1 hash of the file.string
FileThe file object.unknown
File.Malicious.VendorThe vendor that made the decision that the file is malicious.string
DBotScoreThe DBotScore object.unknown
DBotScore.IndicatorThe indicator that was tested.string
DBotScore.TypeThe indicator type.string
DBotScore.VendorThe vendor used to calculate the score.string
DBotScore.ScoreThe actual score.number

Playbook Image


Intezer_Analyze_Uploaded_file