|
The Task object contains data about a task. Task is a file analysis on a single platform. Task can contain a various set of keys: TaskBasic, TaskFinished, or TaskProcessing.
TaskBasic
The TaskBasic object contains general information about a task. Such an object with the basic set of keys is used in a list of Analysis objects.
Structure
Key
|
Type
|
Description
|
id
|
integer
|
Task ID.
|
status
|
string
|
Task status. Available values: in queue, failed, processing, deleted, successful.
|
maliciousness
|
integer/null
|
Maliciousness, from 0 to 100.
|
platform_code
|
string
|
Platform.code.
|
start_date
|
string (datetime.iso8601)
|
Date and time the task was started.
|
end_date
|
string/null (datetime.iso8601)
|
Date and time the task was completed.
|
Example
{
"id": 16916,
"status": "successful",
"maliciousness": 100,
"platform_code": "winxpx86",
"start_date": "2018-12-12T11:29:44.645968+00:00",
"end_date": "2018-12-12T11:33:37.490050+00:00"
}
|
TaskFinished
The TaskFinished object contains the keys of the TaskBasic object and analysis results for the specified platform.
Structure
Key
|
Type
|
Description
|
id
|
integer
|
Task ID.
|
status
|
string
|
Task status. Available values: in queue, failed, processing, deleted, successful.
|
maliciousness
|
integer/null
|
Maliciousness, from 0 to 100.
|
platform_code
|
string
|
Platform.code.
|
start_date
|
string (datetime.iso8601)
|
Date and time the task was started.
|
end_date
|
string/null (datetime.iso8601)
|
Date and time the task was completed.
|
verdict
|
string
|
Overall result of the file maliciousness corresponding to one of three categories. The higher number corresponds to the higher level of the maliciousness probability. Available values: none, clean1, clean2, suspicious1, suspicious2, malware1, malware2.
|
rules
|
object/null
|
List of triggered rules.
|
detects
|
object
|
Available values: yara, behavior, and files_dumps. The behavior field displays information about the category of file behavior. The files_dumps field informs about threats found in generated files and memory dumps.
|
sample_detect
|
string/null
|
Name of the threat detected using signature databases.
|
Example
{
"id": 16916,
"status": "successful",
"maliciousness": 100,
"platform_code": "winxpx86",
"start_date": "2018-12-12T11:29:44.645968+00:00",
"end_date": "2018-12-12T11:33:37.490050+00:00",
"verdict": "malware2",
"rules": null,
"detects": [
"files_dumps"
],
"platform_code": "win7x64"
}
|
TaskProcessing
TaskFinished contains the keys of the TaskBasic object and data about the analysis process.
Structure
Key
|
Type
|
Description
|
id
|
integer
|
Task ID.
|
status
|
string
|
Task status. Available values: in queue, failed, processing, deleted, successful.
|
maliciousness
|
integer/null
|
Maliciousness, from 0 to 100.
|
platform_code
|
string
|
Platform.code.
|
start_date
|
string (datetime.iso8601)
|
Date and time the task was started.
|
end_date
|
string
|
Date and time the task was completed.
|
message
|
string/null
|
Message about the task progress.
|
progress
|
integer
|
Task progress, in percent.
|
Example
{
"id": 18656,
"status": "processing",
"maliciousness": null,
"platform_code": "win7x86",
"start_date": "2019-02-07T09:39:11.517117+00:00",
"end_date": null,
"message": "Waiting while the file is running (60 sec)…",
"progress": 19
}
|
|