Analysis

The Analysis object contains general analysis information and a list of Task objects.

Structure

Key

Type

Description

id

UUID

Task UUID.

sha1

string

SHA1 hash.

sample_id

integer

Sample ID.

size

integer

File size in bytes.

format_name

string/null

File format. Matches the Sample.format_name format, if the format was not specified explicitly when starting the file analysis.

start_date

string (datetime.iso8601)

Date and time the analysis started.

user_name

string

User login.

tasks

array [Task]

List of tasks. Corresponds to the selected platforms.

Examples

If you request a certain analysis by its ID, in response, you receive the Analysis object where the tasks key is a list of TaskFinished or TaskProcessing objects:

{

 "id": 1629b17b-fd44-46e6-97a2-1310c1f050a4,

 "sample_id": 6248,

 "size": 3242863,

 "sha1": "8c81eb1b6a87e30656d479968eca969bc59bdeb3",

 "start_date": "2018-12-12T11:29:44.645968+00:00",

 "user_name": "name_example",

 "format_name": "rtf",

 "tasks": [

   {

     "end_date": "2018-12-12T11:33:37.490050+00:00",

     "platform_code": "winxpx86",

     "maliciousness": 100,

     "id": 16916,

     "status": "successful",

     "start_date": "2018-12-12T11:29:44.645968+00:00",

     "rules": {

       "neutral": [

         "Searching for the window",

         "Creating a window",

         "DNS request",

         "Sending an HTTP GET request"

       "suspicious": [

         "Connection attempt by exploiting the app vulnerability"

       ]

     },

     "detects": [

       "behavior",

       "files_dumps"

       ],

     "verdict": "malware2"

   },

   {

     "end_date": "2018-12-12T11:33:47.716867+00:00",

     "platform_code": "win7x86",

     "maliciousness": 100,

     "id": 16917,

     "status": "successful",

     "start_date": "2018-12-12T11:29:44.645968+00:00",

     "rules": {

       "neutral": [

         "Creating a window",

         "DNS request",

         "Sending an HTTP GET request",

         "Creating a process from a recently created file",

         "Launching a process"

       ],

       "suspicious": [

         "Connection attempt by exploiting the app vulnerability"

       ]

     },

     "detects": [

       "behavior",

       "files_dumps"

       ],

     "verdict": "malware2"

   },

   {

     "end_date": "2018-12-12T11:34:08.229276+00:00",

     "platform_code": "win7x64",

     "maliciousness": 100,

     "id": 16918,

     "status": "successful",

     "start_date": "2018-12-12T11:29:44.645968+00:00",

     "rules": {

       "neutral": [

         "Creating a window",

         "DNS request",

         "Sending an HTTP GET request",

         "Creating a file in the %temp% directory",

         "Launching a process",

         "Launching the default Windows debugger (dwwin.exe)"

       ],

       "suspicious": [

         "Connection attempt by exploiting the app vulnerability"

       ]

     },

     "detects": [

       "behavior",

       "files_dumps"

       ],

     "verdict": "malware2"

   },

   {

     "end_date": "2018-12-12T11:35:11.553665+00:00",

     "platform_code": "win10x64_1903",

     "maliciousness": 100,

     "id": 16919,

     "status": "successful",

     "start_date": "2018-12-12T11:29:44.645968+00:00",

     "rules": {

       "neutral": [

         "Creating a window",

         "Sending an HTTP GET request"

       ],

       "suspicious": [

         "Connection attempt by exploiting the app vulnerability"

       ]

     },

     "detects": [

       "behavior",

       "files_dumps"

       ],

     "verdict": "malware2"

   }

 ]

}

 

If you request a list of analyses using the GET analyses method, in response, you receive a list of Analysis objects, each contains the tasks key—a list of TaskBasic objects:

{

   "id": 1629b17b-fd44-46e6-97a2-1310c1f050a4,

   "sample_id": 6248,

   "size": 3242863,

   "sha1": "8c81eb1b6a87e32152d439965eca944bc59bdeb3",

   "start_date": "2018-12-12T11:29:44.645968+00:00",

   "user_name": "name_example",

   "format_name": "rtf",

   "tasks": [

     {

       "end_date": "2018-12-12T11:33:37.490050+00:00",

       "platform_code": "winxpx86",

       "maliciousness": 100,

       "id": 16916,

       "status": "successful",

       "start_date": "2018-12-12T11:29:44.645968+00:00"

     },

     {

       "end_date": "2018-12-12T11:33:47.716867+00:00",

       "platform_code": "win7x86",

       "maliciousness": 100,

       "id": 16917,

       "status": "successful",

       "start_date": "2018-12-12T11:29:44.645968+00:00"

     },

     {

       "end_date": "2018-12-12T11:34:08.229276+00:00",

       "platform_code": "win7x64",

       "maliciousness": 100,

       "id": 16918,

       "status": "successful",

       "start_date": "2018-12-12T11:29:44.645968+00:00"

     },

     {

       "end_date": "2018-12-12T11:35:11.553665+00:00",

       "platform_code": "win10x64_1903",

       "maliciousness": 100,

       "id": 16919,

       "status": "successful",

       "start_date": "2018-12-12T11:29:44.645968+00:00"

     }

   ]

 }