Get Sub Analysis File Metadata

Get an analysis sample's metadata.

External Documentation

To learn more, visit the Intezer documentation.

Parameters

Parameter	Description
Root Analysis ID	The Root analysis ID.
Sub Analysis ID	The sub analysis ID, can be retrieved from the 'List Sub Analyses IDs' action.

Example Output

{
    "architecture": "i386",
    "company": "Microsoft Corporation",
    "compilation_timestamp": "2014:02:06 12:37:44+00:00",
    "file_type": "pe",
    "md5": "ec7e3cfaeaac0401316d66e964be684e",
    "original_filename": "cryptsp.dll",
    "product": "Microsoft® Windows® Operating System",
    "product_version": "6.1.7600.16385",
    "sha1": "dbda26c8dfbd511fd048a89a0d0dd300df385e55",
    "sha256": "4e553bce90f0b39cd71ba633da5990259e185979c2859ec2e04dd8efcdafe356",
    "size_in_bytes": 260096,
    "ssdeep": "6144:PbNYcJzYikvnVaZnzShtmzoLVQFYp+oPuy9ijU9cR:PbSqenVqnzSht1QOpdA",
    "indicators": [
        {
            "name": "file_infector",
            "classification": "malicious",
            "additional_info": "expiro"
        }
    ]
}

Workflow Library Example

Get Sub Analysis File Metadata with Intezer and Send Results Via Email

Preview this Workflow on desktop

Get Sub Analysis File Metadata

Parameters​

Example Output​

Workflow Library Example​

Parameters

Example Output

Workflow Library Example