Skip to main content

File Enrichment - File reputation

Gets a file's reputation using one or more integrations.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

This playbook does not use any integrations.

Scripts#

  • FileReputation

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueSourceRequired
MD5The MD5 hash to enrich.MD5FileOptional
SHA256The SHA256 hash to enrich.SHA256FileOptional
SHA1The SHA1 hash to enrich.SHA1FileOptional

Playbook Outputs#


PathDescriptionType
FileThe file's object.unknown
File.MD5The MD5 hash of the file.string
File.SHA1The SHA1 hash of the file.string
File.SHA256The SHA256 hash of the file.string
File.Malicious.VendorThe vendor that made the decision that the file is malicious.string
DBotScoreThe DBotScore's object.unknown
DBotScore.IndicatorThe tested indicator.string
DBotScore.TypeThe type of the indicator.string
DBotScore.VendorThe vendor used to calculate the score.string
DBotScore.ScoreThe actual score.number

Playbook Image#


File_Enrichment_File_reputation