Malware Investigation - Generic - Setup
This Playbook is part of the Deprecated Content (Deprecated) Pack.
Deprecated
DEPRECATED. Verifies a file sample and hostname information for the "Malware Investigation - Generic" playbook. If the file sample or hostname is missing, the playbook will attempt to retrieve it using one or more integrations.
Dependencies
This playbook uses the following sub-playbooks, integrations, and scripts.
Sub-playbooks
- Get File Sample By Hash - Generic
- Get File Sample From Path - Generic
- Search Endpoints By Hash - Generic
Integrations
This playbook does not use any integrations.
Scripts
- Set
Commands
This playbook does not use any commands.
Playbook Inputs
| Name | Description | Default Value | Source | Required |
|---|---|---|---|---|
| File | The malware sample to investigate. | None | File | Optional |
| MD5 | The MD5 hash to investigate. | MD5 | File | Optional |
| SHA1 | The SHA1 hash to investigate. | SHA1 | File | Optional |
| SHA256 | The SHA256 hash to investigate. | SHA256 | File | Optional |
| Hostname | The hostname to investigate. | Hostname | Endpoint | Optional |
| Path | The file path to get the sample from. | Path | File | Optional |
Playbook Outputs
| Path | Description | Type |
|---|---|---|
| Endpoint | The endpoint. | unknown |
| Endpoint.Hostname | The device hostname. | string |
| File | The file sample object. | unknown |
