Analysis

Объект Analysis содержит общие сведения об анализе и список объектов Task.

Структура

Ключ	Тип	Описание
id	UUID	UUID задачи.
sample_id	number	ID анализируемого файла.
size	number	Размер файла в байтах.
sha1	string	Хэш SHA1.
user_name	string	Логин пользователя.
format_name	string	Формат файла. Совпадает с форматом Sample.format_name, если формат не был указан явно при запуске анализа файла.
tasks	array [Task]	Список задач. Соответствует выбранным платформам.

Примеры

Если вы запросили определенный анализ по его ID, в ответ вы получите объект Analysis, в котором ключ tasks — это список объектов TaskFinished или TaskProcessing:

{

"id": 1629b17b-fd44-46e6-97a2-1310c1f050a4,

"sample_id": 6248,

"size": 3242863,

"sha1": "8c81eb1b6a87e30656d479968eca969bc59bdeb3",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"user_name": "name_example",

"format_name": "rtf",

"tasks": [

{

"end_date": "2018-12-12T11:33:37.490050+00:00",

"platform_code": "winxpx86",

"maliciousness": 100,

"id": 16916,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"rules": {

"neutral": [

"Searching for the window",

"Creating a window",

"DNS request",

"Sending an HTTP GET request"

"suspicious": [

"Connection attempt by exploiting the app vulnerability"

]

"detects": [

"behavior",

"files_dumps"

"verdict": "malware2"

{

"end_date": "2018-12-12T11:33:47.716867+00:00",

"platform_code": "win7x86",

"maliciousness": 100,

"id": 16917,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"rules": {

"neutral": [

"Creating a window",

"DNS request",

"Sending an HTTP GET request",

"Creating a process from a recently created file",

"Launching a process"

"suspicious": [

"Connection attempt by exploiting the app vulnerability"

]

"detects": [

"behavior",

"files_dumps"

"verdict": "malware2"

{

"end_date": "2018-12-12T11:34:08.229276+00:00",

"platform_code": "win7x64",

"maliciousness": 100,

"id": 16918,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"rules": {

"neutral": [

"Creating a window",

"DNS request",

"Sending an HTTP GET request",

"Creating a file in the %temp% directory",

"Launching a process",

"Launching the default Windows debugger (dwwin.exe)"

"suspicious": [

"Connection attempt by exploiting the app vulnerability"

]

"detects": [

"behavior",

"files_dumps"

"verdict": "malware2"

{

"end_date": "2018-12-12T11:35:11.553665+00:00",

"platform_code": "win10x64_1903",

"maliciousness": 100,

"id": 16919,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"rules": {

"neutral": [

"Creating a window",

"Sending an HTTP GET request"

"suspicious": [

"Connection attempt by exploiting the app vulnerability"

]

"detects": [

"behavior",

"files_dumps"

"verdict": "malware2"

}

]

}

Если вы запросили список анализов методом GET analyses, в ответ вы получите список объектов Analysis, в каждом из которых ключ tasks — это список объектов TaskBasic:

{

"id": 1629b17b-fd44-46e6-97a2-1310c1f050a4,

"sample_id": 6248,

"size": 3242863,

"sha1": "8c81eb1b6a87e32152d439965eca944bc59bdeb3",

"start_date": "2018-12-12T11:29:44.645968+00:00",

"user_name": "name_example",

"format_name": "rtf",

"tasks": [

{

"end_date": "2018-12-12T11:33:37.490050+00:00",

"platform_code": "winxpx86",

"maliciousness": 100,

"id": 16916,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00"

{

"end_date": "2018-12-12T11:33:47.716867+00:00",

"platform_code": "win7x86",

"maliciousness": 100,

"id": 16917,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00"

{

"end_date": "2018-12-12T11:34:08.229276+00:00",

"platform_code": "win7x64",

"maliciousness": 100,

"id": 16918,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00"

{

"end_date": "2018-12-12T11:35:11.553665+00:00",

"platform_code": "win10x64_1903",

"maliciousness": 100,

"id": 16919,

"status": "successful",

"start_date": "2018-12-12T11:29:44.645968+00:00"

}

]

}