Reversinglabs A1000 v2

App integrates with ReversingLabs A1000 Malware Analysis Appliance APIs

Supported Actions

• test connectivity: Validate the asset configuration for connectivity using supplied configuration
• detonate file: Upload file to A1000
• submit url: Detonate file from url
• check submitted url status: Check submitted url status
• create pdf report: Create pdf report
• check pdf report creation: Check pdf report creation
• download pdf report: Download pdf report
• get titaniumcore report: Get TitaniumCore report
• url reputation: Queries URL info
• domain reputation: Queries domain info
• ip reputation: Queries IP info
• network ip to domain: Get a list of IP-to-domain mappings
• network urls from ip: Get a list of URLs hosted on the requested IP address
• network files from ip: Get a a list of hashes and classifications for files found on the requested IP address
• advanced search: Search for samples using multi-part search criteria
• advanced search ticloud: Search for samples available on the TitaniumCloud
• advanced search local: Search for samples available on the A1000 appliance
• create dynamic analysis report: Initiate the creation of dynamic analysis PDF report
• check dynamic analysis report status: Get status of the report previously requested
• download dynamic analysis report: Download previously requested dynamic analysis report in pdf
• get summary report: Get a summary report for hash
• get detailed report: Get detailed analysis report
• get classification: Get classification for a sample
• get user tags: List existing tags for the requested sample
• create user tags: Add one or more user tags
• delete user tags: Remove one or more user tags
• set sample classification: Set the classification of a sample
• delete sample classification: Delete the (user set) classification of a sample
• yara get rulesets: Get a list of YARA rulesets that are on the A1000
• yara get ruleset text: Get the full contents of the requested ruleset
• yara get matches: Retrieve the list of YARA matches
• yara create or update ruleset: Creates a new YARA ruleset if it doesn't exist
• yara delete ruleset: Delete a specific YARA ruleset and its matches
• yara enable or disable ruleset: Enable or disable a ruleset on the appliance
• yara get synchronization time: Get the current synchronization time
• yara set ruleset synchronization time: Modify the TiCloud sync time for TiCloud enabled rulesets
• yara start or stop local retro scan: Allow users to start or stop the Local Retro scan on the appliance
• yara manage cloud retro scan: Allow users to start, stop or clear a Cloud Retro scan
• yara status retro scan local: Allow users to check the status of a Local Retro scan
• yara status retro scan cloud: Allow users to check the status of Cloud Retro scan for specified ruleset
• list containers for hash: Get a list of containers from which the requested samples has been extracted
• delete sample: Delete the sample with the requested hash value
• download extracted files: Download files extracted from local sample
• reanalyze local samples: Submit a set of samples that already exist on the A1000