To learn more, visit the Intezer documentation.
Parameters
| Parameter | Description |
|---|---|
| Analysis ID | The analysis ID. |
Example Output
{ "sub_analyses": [ { "sha256": "14ca4a614156e924d077e1bf6709cd24796a1ddc92aa1ac9c0b85103fea943bd", "source": "root", "sub_analysis_id": "ae0ad225-4f37-43ce-8ffd-a7771b896a36" }, { "extraction_info": { "collected_from": "memory", "processes": [ { "module_path": "C:\\Users\\WMJI\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ddnvojbl.exe", "parent_process_id": 1584, "process_id": 3000, "process_path": "C:\\Users\\WMJI\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ddnvojbl.exe" }, { "module_path": "C:\\Users\\WMJI\\AppData\\Local\\uwyjejru\\ddnvojbl.exe", "parent_process_id": 3040, "process_id": 1348, "process_path": "C:\\Users\\WMJI\\AppData\\Local\\uwyjejru\\ddnvojbl.exe" } ] }, "sha256": "07c2eeddb010517cf89f65786c5c66241b98e629a2a6ad1fc49d64efaa5eeceb", "source": "dynamic_execution", "sub_analysis_id": "77230634-e0d6-41f2-8809-01aebfa38a5c" }, { "sha256": "89c2eeddb033417cf89f6dddc5c66241b98e629a2a6ad1fc49d64efaarifk4dd", "source": "dynamic_execution", "sub_analysis_id": "88230633-e0d6-42f2-8809-01aebfa38a5c", "extraction_info": { "collected_from": "disk", "dropped_path": "C:\\Users\\Temp\\mal_file.dll", "file_name": "mal_file.dll" } }, { "extraction_info": { "dropped_path": "2cba711f579dec2caaac188db6c22bb2cc83251449a11bfc34112d6f3112b86a.sample.unpacked", "parent_file_sha256": "2cba711f579dec2caaac188db6c22bb2cc83251449a11bfc34112d6f3112b86a" }, "sha256": "30b11cd15d64c7a8c21c5173e806cd1b53736dda03cd67037a5401e96afae6f8", "source": "static_extraction", "sub_analysis_id": "479d81e8-b6ba-4c13-87e7-0f78c73cbf53" } ]}
Workflow Library Example
List Sub Analyses Ids with Intezer and Send Results Via Email
Preview this Workflow on desktop