Scan a file in the Hybrid Analysis sandbox for analysis. The default analysis system supports the following file extensions:
  • PE (.exe, .scr, .pif, .dll, .com, .cpl, etc.)
  • Office (.doc, .docx, .ppt, .pps, .pptx, .ppsx, .xls, .xlsx, .rtf, .pub)
  • PDF
  • APK
  • executable JAR
  • Windows Script Component (.sct)
  • Windows Shortcut (.lnk)
  • Windows Help (.chm)
  • HTML Application (.hta)
  • Windows Script File (*.wsf)
  • Javascript (.js),
  • Visual Basic (*.vbs, *.vbe)
  • Shockwave Flash (.swf)
  • Perl (.pl)
  • Powershell (.ps1, .psd1, .psm1)
  • Scalable Vector Graphics (.svg)
  • Python (.py) scripts
  • Perl (.pl) scripts
  • Linux ELF executables
  • MIME RFC 822 (*.eml)
  • Microsoft Installer packages(*.msi)
  • Outlook *.msg files.
External DocumentationTo learn more, visit the Hybrid Analysis documentation.

Basic Parameters

ParameterDescription
Environment IDThe sandbox environment to run the scan on.
File IdentifierThe identifier of the file. You can create a file identifier using the Set File Variable action.
Network SettingsNetwork settings for the file analysis.

Advanced Parameters

ParameterDescription
CommentOptional comment text that may be associated with the scan.
EmailOptional email address that may be associated with the submission for notification.

Example Output

{
	"job_id": "63de7d8c49a6d52ea854e3e5",
	"submission_id": "63de7d8d49a6d52ea854e3e6",
	"environment_id": 100,
	"sha256": "2ed46d7bedc17aba18343eac71e21648b1af50fff732af7e338075cd0ed1567a"
}

Workflow Library Example

Hybrid Analysis Detonate File in Sandbox
Workflow LibraryPreview this Workflow on desktop