Skip to main content
Get a score for a process execution profile.
External DocumentationTo learn more, visit the EchoTrail documentation.

Basic Parameters

ParameterDescription
HashThe hash of the process.
HostnameThe process’s hostname.
Parent NameThe name (or path) of the parent process.
Process nameThe name (or path) of the process being analyzed. For example, C:\Windows\System32\cmd.exe.

Advanced Parameters

ParameterDescription
ChildrenA list of child processes (without paths) spawned by this process.
EnvironmentThe process’s environment.
Grandparent NameThe name (or path) of the grandparent process.
Network PortsA list of network ports used by this process.
Record ExecutionLog the process’s execution.

Example Output

{
  "echotrail_score": 97,
  "global": {
    "rank": 2,
    "host_prev": 99,
    "overall_score": 98,
    "path_score": 97,
  }
}

Workflow Library Example

Score Process with Echotrail and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop