ctx-get-file-report-batch
Get multiple file reports from CTX service.
ctx-get-file-report-batch [profile=PROFILE] [field=FIELD]
- profile=PROFILE
  - Profile name of CTX
- field=FIELD
  - hash by default.
Output Fields
Field | Type | Name | Description |
---|---|---|---|
profile | String | Connect profile | The identifier of CTX connect profile |
file_names | String | File names | e.g. rms2.exe |
file_size | Long | File size | e.g. 8684106 |
file_type | String | File type | e.g. exe_32bit |
signature | String | Signature | e.g. exe.trojan.rabased |
first_seen | Date | First seen | |
last_seen | Date | Last seen | |
tags | String | Tags | e.g. backdoor, generickd, rabased, remoteadmin, trojan |
threat_types | String | Threat types | e.g. backdoor |
mitre_tactics | String | MITRE tactics | |
mitre_techniques | String | MITRE techniques | |
mitre_technique_names | String | MITRE technique names | |
md5 | String | MD5 | e.g. 73f351beae5c881fafe36f42cde9a47c |
sha1 | String | SHA1 | e.g. dc1425cfd5569bd59f5d56432df875b59da9300b |
sha256 | String | SHA256 | e.g. a028816d9741540c6184091b4ae3c4e42b104f90fe3b17a55d0e4aa4c4c43824 |
ssdeep | String | SSDEEP | e.g. 196608:PdQ5Lq4eAGPJgBDpKLtW0tzHlYd3cvF8m9k/RRZpAp2FG0c+imhtO:P2VqyC8mQ0vxN79kpR40cUO |
ctx_api_version | String | CTX API version | e.g. v1.1 |
txid | String | Transaction ID | e.g. ctx-transaction--aab038f5-ba12-5fa1-bdda-5e2c29f8f251 |
result_code | Integer | Result code | e.g. 200, 400, 404 |
result_msg | String | Result message | e.g. Success |
req_time | Date | Request time | |
resp_time | Date | Response time | |