Skip to main content

Check Scan Status

Check the scan status of the Hybrid Analysis sandbox.

Parameters

ParameterDescription
Scan IDThe ID of the scan that was analyzed.The ID can be the job_id or the sha256 fields from the Scan URL or Scan File actions.

Example Output

{
"classification_tags": [],
"tags": [],
"submissions": [
{
"submission_id": "63de7d8d49a6d52ea854e3e6",
"filename": "file",
"url": null,
"created_at": "2023-02-04T15:45:17+00:00"
}
],
"machine_learning_models": [],
"crowdstrike_ai": null,
"job_id": "63de7d8c49a6d52ea854e3e5",
"environment_id": 100,
"environment_description": "Windows 7 32 bit",
"size": 6,
"type": "ASCII text, with no line terminators",
"type_short": [
"text"
],
"target_url": null,
"state": "ERROR",
"error_type": "UNKNOWN_ERROR",
"error_origin": "SERVER",
"submit_name": "file",
"md5": "89defae676abd3e3a42b41df17c40096",
"sha1": "c7a9f84bb5ac28e434238294999c298637e77cce",
"sha256": "2ed46d7bedc17aba18343eac71e21648b1af50fff732af7e338075cd0ed1567a",
"sha512": "0fa9644263e365c4d264888825f22b7d7b104f5455861641e619b225aae8f23bcf6586be45d2090ccc9aa649a23ff55340f6bf4ebff733cfcea971a1b5d4b3d2",
"ssdeep": null,
"imphash": null,
"entrypoint": null,
"entrypoint_section": null,
"image_base": null,
"subsystem": null,
"image_file_characteristics": [],
"dll_characteristics": [],
"major_os_version": null,
"minor_os_version": null,
"av_detect": null,
"vx_family": null,
"url_analysis": false,
"analysis_start_time": "2023-02-04T15:45:17+00:00",
"threat_score": null,
"interesting": false,
"threat_level": null,
"verdict": null,
"certificates": [],
"domains": [],
"compromised_hosts": [],
"hosts": [],
"total_network_connections": 0,
"total_processes": 0,
"total_signatures": 0,
"extracted_files": [],
"file_metadata": null,
"processes": [],
"mitre_attcks": [],
"network_mode": "default",
"signatures": []
}

Workflow Library Example

Check Scan Status with Hybrid Analysis and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop