Submit a malware sample for analysis. Note, Submitting a file counts against your submission quota. If you’ve used your monthly quota, you must wait until the quota resets to submit additional files. One of the following subscriptions is required to execute this action:
  • Falcon Intelligence or Falcon Intelligence Premium.
External DocumentationTo learn more, visit the CrowdStrike documentation.

Parameters

ParameterDescription
CommentProvide a comment on the file.
Environment IDThe sandbox environment ID, in which you want to analysis the file.
File IdentifierThe identifier of the file. You can create a file identifier using the Set File Variable.
File NameThe name of the file.

Example Output

{
	"meta": {
		"query_time": 3.171612093,
		"powered_by": "falconx-api",
		"trace_id": "9078d20a-62b0-438e-9b3f-d4d44bf82334",
		"quota": {
			"total": 5000,
			"used": 0,
			"in_progress": 1
		}
	},
	"resources": [
		{
			"id": "0123456789ABCDEFGHIJKLMNOPQRSTUV_eecd9a8f319940dfb0255e5d436822d9",
			"cid": "0123456789ABCDEFGHIJKLMNOPQRSTUV",
			"origin": "uiproxy",
			"state": "created",
			"created_timestamp": "2019-01-03T13:09:49Z",
			"sandbox": [
				{
					"sha256": "42a615198bcdfc72839936409c88af7ded125feabfec4753b307dc985aaba48f",
					"environment_id": 100,
					"submit_name": "virus.exe"
				}
			]
		}
	],
	"errors": []
}

Workflow Library Example

Submit File for Analysis with Crowdstrike and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop