CrowdStrike Falcon Pack.#This Playbook is part of the
Supported Cortex XSOAR versions: 6.5.0 and later.
This playbook is part of the 'Malware Investigation And Response' pack. For more information, refer to https://xsoar.pan.dev/docs/reference/packs/malware-investigation-and-response. This playbook searches across the organization for other endpoints associated with a specific SHA256 hash.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
This playbook does not use any scripts.
|FileSha256||The SHA256 file hash to search for.||Optional|
|HostId||The ID of the host that originated the detection.||Optional|
|CrowdStrike.IOC.DeviceCount||The number of devices the IOC ran on.||number|