Check Scan Status
Check the scan status of the Hybrid Analysis sandbox.
Parameters
| Parameter | Description |
|---|---|
| Scan ID | The ID of the scan that was analyzed. The ID can be the job_id or the sha256 fields from the Scan URL or Scan File actions. |
Example Output
{
"classification_tags": [],
"tags": [],
"submissions": [
{
"submission_id": "63de7d8d49a6d52ea854e3e6",
"filename": "file",
"url": null,
"created_at": "2023-02-04T15:45:17+00:00"
}
],
"machine_learning_models": [],
"crowdstrike_ai": null,
"job_id": "63de7d8c49a6d52ea854e3e5",
"environment_id": 100,
"environment_description": "Windows 7 32 bit",
"size": 6,
"type": "ASCII text, with no line terminators",
"type_short": [
"text"
],
"target_url": null,
"state": "ERROR",
"error_type": "UNKNOWN_ERROR",
"error_origin": "SERVER",
"submit_name": "file",
"md5": "89defae676abd3e3a42b41df17c40096",
"sha1": "c7a9f84bb5ac28e434238294999c298637e77cce",
"sha256": "2ed46d7bedc17aba18343eac71e21648b1af50fff732af7e338075cd0ed1567a",
"sha512": "0fa9644263e365c4d264888825f22b7d7b104f5455861641e619b225aae8f23bcf6586be45d2090ccc9aa649a23ff55340f6bf4ebff733cfcea971a1b5d4b3d2",
"ssdeep": null,
"imphash": null,
"entrypoint": null,
"entrypoint_section": null,
"image_base": null,
"subsystem": null,
"image_file_characteristics": [],
"dll_characteristics": [],
"major_os_version": null,
"minor_os_version": null,
"av_detect": null,
"vx_family": null,
"url_analysis": false,
"analysis_start_time": "2023-02-04T15:45:17+00:00",
"threat_score": null,
"interesting": false,
"threat_level": null,
"verdict": null,
"certificates": [],
"domains": [],
"compromised_hosts": [],
"hosts": [],
"total_network_connections": 0,
"total_processes": 0,
"total_signatures": 0,
"extracted_files": [],
"file_metadata": null,
"processes": [],
"mitre_attcks": [],
"network_mode": "default",
"signatures": []
}
Workflow Library Example
Check Scan Status with Hybrid Analysis and Send Results Via Email
Preview this Workflow on desktop