Recorded Future Triage
Version: 1.0.3
Recorded Future Triage is a state-of-the-art malware analysis sandbox, with all the features you need. High-volume sample submission in a customisable environment with detections and configuration extraction for many malware families.
Connect Triage with LogicHub
- Navigate to Automations > Integrations.
- Search for Triage.
- Click Details, then the + icon. Enter the required information in the following fields.
  - Label: Enter a connection name.
  - Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com, where hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  - Verify SSL: Select this option to verify the connecting server's SSL certificate (default is Verify SSL Certificate).
  - Remote Agent: Run this integration using the LogicHub Remote Agent.
  - Base URL: Base URL of the Triage instance (for example, https://tria.ge or https://sandbox.recordedfuture.com).
  - API Key: The API key to connect to the Triage Sandbox.
- After you've entered all the details, click Connect.
Actions for Triage
Submit File or URL
Submit files or URLs to the Triage Sandbox
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Submission Column Name | Column name from parent table that contains file or URL. | Required |
Sandbox Submission Type | Select File / URL / Fetch. | Required |
Output
A JSON object containing the submission details.
```json
{
  "has_error": false,
  "error": null,
  "submitted": "2023-01-12 12:45:55",
  "id": "id-xV4%s4v!dGViQobn",
  "kind": "url",
  "status": "pending",
  "url": "https://malware_sample_analysis",
  "private": true
}
```
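An added example (not part of the Triage or LogicHub documentation) of a downstream check on this action's output rows before later playbook steps rely on them. The sample rows, their ids and URLs, the `check_row` and `summarize` names, and the policy that every submission must be private and of the expected kind are assumptions made for illustration.

```python
import json
from datetime import datetime

# Constructed sample rows, shaped like the Output object shown above.
SAMPLE_ROWS = [
    '{"has_error": false, "error": null, "submitted": "2023-01-12 12:45:55", '
    '"id": "sample-0001", "kind": "url", "status": "pending", '
    '"url": "https://example.invalid/a", "private": true}',
    '{"has_error": false, "error": null, "submitted": "2023-01-12 12:46:10", '
    '"id": "sample-0002", "kind": "url", "status": "pending", '
    '"url": "https://example.invalid/b", "private": false}',
    '{"has_error": true, "error": "constructed error text"}',
    'not json',
]
REQUIRED = ("id", "kind", "status", "submitted", "private")


def check_row(raw, expected_kind="url"):
    """Return (verdict, reason) for one output row of the Submit action."""
    try:
        row = json.loads(raw)
    except json.JSONDecodeError:
        return "reject", "row is not valid JSON"
    if not isinstance(row, dict):
        return "reject", "row is not a JSON object"
    if row.get("has_error") is not False:
        return "reject", f"submission failed: {row.get('error')}"
    missing = [k for k in REQUIRED if k not in row]
    if missing:
        return "reject", "missing fields: " + ", ".join(missing)
    try:
        datetime.strptime(row["submitted"], "%Y-%m-%d %H:%M:%S")
    except (TypeError, ValueError):
        return "reject", "unparseable 'submitted' timestamp"
    if row["kind"] != expected_kind:
        return "review", f"kind {row['kind']!r}, expected {expected_kind!r}"
    if row["private"] is not True:  # assumed policy: private submissions only
        return "review", "sample was not submitted as private"
    return "ok", f"{row['id']} accepted with status {row['status']}"


def summarize(rows, expected_kind="url"):
    """Verdict per row, in input order."""
    return [check_row(r, expected_kind)[0] for r in rows]


if __name__ == "__main__":
    for raw in SAMPLE_ROWS:
        print(check_row(raw))
```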
Release Notes
v1.0.3
- Initial release with Submit File or URL Action