Skip to main content

Detonate File - ReversingLabs A1000

This Playbook is part of the ReversingLabs A1000 Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Upload sample to ReversingLabs A1000 appliance and automatically retrieve full & classification reports. Calculate final classification.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • ReversingLabs A1000 v2

Scripts#

  • A1000FinalClassification

Commands#

  • reversinglabs-a1000-get-classification
  • reversinglabs-a1000-upload-sample-and-get-results

Playbook Inputs#


NameDescriptionDefault ValueRequired
EntryIDThe Entry ID.${File.EntryID}Optional

Playbook Outputs#


PathDescriptionType
File.SHA256The SHA256 hash of the file.unknown
File.SHA1The SHA1 hash of the file.unknown
File.SHA512The SHA512 hash of the file.unknown
File.NameThe name of the file.unknown
File.EntryIDThe Entry ID.unknown
File.InfoInformation about the file.unknown
File.TypeThe type of the file.unknown
File.MD5MD5 hash of the file.unknown
DBotScore.ScoreThe actual score.unknown
DBotScore.TypeThe indicator type.unknown
DBotScore.IndicatorThe indicator that was tested.unknown
DBotScore.VendorThe vendor used to calculate the score.unknown
ReversingLabs.a1000_reportA1000 reportunknown

Playbook Image#


Detonate File - ReversingLabs A1000