ctx-get-file-relations
Get file relations from CTX service.
ctx-get-file-relations [profile=PROFILE] hash=HASH
- profile=PROFILE
- Profile name of CTX
- hash=HASH
- MD5, SHA1 or SHA256
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | The identifier of CTX connect profile |
| ioc_type | String | IoC type | e.g. hash, ip, domain, url |
| relation | String | Relation | e.g. execute_processes, reverse_execute_processes, downloaded_files, reverse_downloaded_files, dropped_files, contacted_ips, contacted_domains, contacted_urls |
| verdict | String | Verdict | e.g. MALICIOUS, BENIGN |
| md5 | String | MD5 | e.g. bd96e11f157a19d969bf585811e434cf |
| sha1 | String | SHA1 | e.g. 603be792ab700278a278d3388cb124b6349b1fa4 |
| sha256 | String | SHA256 | e.g. a7e31abe10be6bca44f0a846d631e578efe78c14f6bf1cf834cfb15469fc1d3a |
| file_type | String | File type | e.g. txt, hlp, exe_32bit, exe_64bit |
| file_size | Long | File size | e.g. 439808 |
| signature | String | Signature | e.g. exe.trojan.apost |
| ip | IP address | IP address | e.g. 192.124.249.24 |
| first_seen | Date | First seen | |
| last_seen | Date | Last seen | |
| domain | String | Domain | |
| url | String | URL |