ctx-get-file-report
Get file report from CTX service.
ctx-get-file-report [profile=PROFILE] hash=HASH
- profile=PROFILE
- Profile name of CTX
- hash=HASH
- MD5, SHA1 or SHA256
Output Fields
Field | Type | Name | Description |
---|---|---|---|
profile | String | Connect profile | The identifier of CTX connect profile |
file_names | String | File names | e.g. rms2.exe |
file_size | Long | File size | e.g. 8684106 |
file_type | String | File type | e.g. exe_32bit |
signature | String | Signature | e.g. exe.trojan.rabased |
first_seen | Date | First seen | |
last_seen | Date | Last seen | |
tags | String | Tags | e.g. backdoor, generickd, rabased, remoteadmin, trojan |
threat_types | String | Threat types | e.g. backdoor |
mitre_tactics | String | MITRE tactics | |
mitre_techniques | String | MITRE techniques | |
mitre_technique_names | String | MITRE technique names | |
md5 | String | MD5 | e.g. 73f351beae5c881fafe36f42cde9a47c |
sha1 | String | SHA1 | e.g. dc1425cfd5569bd59f5d56432df875b59da9300b |
sha256 | String | SHA256 | e.g. a028816d9741540c6184091b4ae3c4e42b104f90fe3b17a55d0e4aa4c4c43824 |
ssdeep | String | SSDEEP | e.g. 196608:PdQ5Lq4eAGPJgBDpKLtW0tzHlYd3cvF8m9k/RRZpAp2FG0c+imhtO:P2VqyC8mQ0vxN79kpR40cUO |
ctx_api_version | String | CTX API version | e.g. v1.1 |
txid | String | Transaction ID | e.g. ctx-transaction--aab038f5-ba12-5fa1-bdda-5e2c29f8f251 |
result_code | Integer | Result code | e.g. 200, 400, 404 |
result_msg | String | Result message | e.g. Success |
req_time | Date | Request time | |
resp_time | Date | Response time |