S2W Quaxar

Download 14
Last updated Jul 7, 2022

quaxar-ip-indicators

Get IP address indicators of compromise from S2W Quaxar service.

quaxar-ip-indicators

Output Fields

FieldTypeNameDescription
typeStringTypee.g. ipv4-addr
valueStringValueIP address
categoriesStringCategoriese.g. malware, APT, unknown
malwareStringMalwareMalware family. e.g. Formbook
risk_scoreIntegerRisk scoree.g. 1, 2, 3
confidenceIntegerConfidencee.g. 15, 50, 85
recommendIntegerRecommende.g. 1, 2, 3, 4, 5
descriptionStringDescription
etcStringEtc
createdDateCreated
modifiedDateModified
actorsStringActorsThreat actors separated by new line
attack_patternStringAttack patternTTP separated by new line
countryStringCountryCountry code
reference_iocStringIoC referenceURL separated by new line
reference_xarvisStringXarvis referenceURL separated by new line
relationMapRelationSTIX object map
cityStringCityCity name
asnStringASNASN number
orgStringOrganizationOrganization name of ASN
hostnameStringHostname
resolved_atStringResolved time