Skip to main content

Detonate File - BitDam

This Playbook is part of the BitDam Pack.#

Detonates one or more files using BitDam integration. Returns verdict to the War Room and file reputations to the context data.

Supported file types are mainly PDF & microsoft office software.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • GenericPolling


This playbook does not use any integrations.


  • Set


  • bitdam-get-verdict
  • bitdam-upload-file

Playbook Inputs#

NameDescriptionDefault ValueSourceRequired
FileThe file object of the file to detonate. The File is taken from the context.NoneFileOptional
IntervalThe duration for executing the pooling (in minutes).1-Optional
TimeoutThe duration after which to stop pooling and to resume the playbook (in minutes).10-Optional

Playbook Outputs#

BitDam.Analysis.IDThe sample ID.string
DBotScore.VendorThe name of the vendor: BitDam.string
BitDam.Analysis.VerdictThe analysis verdict.string
BitDam.Analysis.StatusThe analysis status.string
DBotScore.IndicatorThe name of the sample file or URL.unknown
DBotScore.TypeThe 'file' for file samples.string
DBotScore.ScoreThe actual score.number

Playbook Image#