RecordedFutureHashRiskList

Extracts the hash risk list from the recorded future and creates indicators accordingly.

Script Data


NameDescription
Script Typepython
TagsRecordedFuture

Inputs


Argument NameDescription
listSpecifies a hash list by a risk rule name, which can be retrieved with the get-hash-riskrules command.
thresholdThe minimum threshold score to consider indicators as malicious (65-99, greater than or equal to).

Outputs


PathDescriptionType
InfoFile.NameThe name of the file.string
InfoFile.EntryIDThe entry ID of the file.string
InfoFile.SizeThe size of the file.number
InfoFile.TypeThe type of the file. For example, "PE".string
InfoFile.InfoThe basic information of the file.string
InfoFile.ExtensionThe extension of the file.string