Skip to main content

Malware Investigation - Generic - Setup

Deprecated

DEPRECATED. Verifies a file sample and hostname information for the "Malware Investigation - Generic" playbook. If the file sample or hostname are missing, the playbook will attempt to retrieve them using one or more integrations.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Get File Sample By Hash - Generic
  • Get File Sample From Path - Generic
  • Search Endpoints By Hash - Generic

Integrations#

This playbook does not use any integrations.

Scripts#

  • Set

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueSourceRequired
FileThe malware sample to investigate.NoneFileOptional
MD5The MD5 hash to investigate.MD5FileOptional
SHA1The SHA1 hash to investigate.SHA1FileOptional
SHA256The SHA256 hash to investigate.SHA256FileOptional
HostnameThe hostname to investigateHostnameEndpointOptional
PathThe file path to get the sample from.PathFileOptional

Playbook Outputs#


PathDescriptionType
EndpointThe endpoint.unknown
Endpoint.HostnameThe device hostname.string
FileThe file sample object.unknown

Playbook Image#


Malware_Investigation_Generic_Setup