api.sampledb.v1 package

Submodules

api.sampledb.v1.sample module

Autogenerated API

api.sampledb.v1.sample.get_evil_samples(customerID: list = None, startTimestamp: int = None, endTimestamp: int = None, tlp: list = None, limit: int = 25, offset: int = 0, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Searches for evil samples. (DEV)

Return type:

dict

Parameters:
  • customerID (list) – Set of customer IDs to limit the sample results to.
  • startTimestamp (int) – Start of time search period for submission creation date. (default 24 hours before timestamp of request.)
  • endTimestamp (int) – End of time search period for submission creation date. (default Timestamp of request.)
  • tlp (list) – Set of TLPs to search for.
  • limit (int) – Set this value to set max number of results. (default 25)
  • offset (int) – Set this value to skip the first (offset) objects. By default, return result from first object. (default 0)
Raises:
Returns:

{"offset": 127, "limit": 973, "responseCode": 200, "count": 553, "data": [{"mimeType": "Crime sport like clear.", "entropy": 12, "createdTimestamp": 87803096, "ssDeep": "Wait nothing hit drug option lose.", "size": 443, "sha256": "To career follow who lot school.", "tlp": "AMBER", "flags": ["EVIL"]}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Writer coach reach describe main.", "messageTemplate": "Sell our argue.", "field": "Leg best east physical before.", "parameter": {}, "timestamp": 14540640}], "currentPage": 451, "size": 973}

api.sampledb.v1.sample.get_sample(sha256: str, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch sample info identified by SHA256. (DEV)

Return type:

dict

Parameters:

sha256 (str) – SHA256 to identify sample info

Raises:
Returns:

{"offset": 842, "limit": 410, "responseCode": 200, "count": 742, "metaData": {"additionalProperties": {}}, "messages": [{"message": "Read Republican forward wait likely simple.", "messageTemplate": "Issue nor natural market.", "field": "Worker name avoid skill decision.", "parameter": {}, "timestamp": 250804429}], "currentPage": 199, "size": 504}

api.sampledb.v1.sample.get_sample_aggregated(sha256: str, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch sample aggregated info identified by SHA256. (DEV)

Return type:

dict

Parameters:

sha256 (str) – SHA256 to identify sample aggregated info

Raises:
Returns:

{"offset": 793, "limit": 196, "responseCode": 200, "count": 881, "metaData": {"additionalProperties": {}}, "messages": [{"message": "Back probably require role.", "messageTemplate": "While Mrs notice individual.", "field": "Help also instead stock.", "parameter": {}, "timestamp": 1305989871}], "currentPage": 795, "size": 840}

api.sampledb.v1.sample.get_sample_children(sha256: str, customerID: list = None, offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Get sample children submissions with search defined by query params (DEV)

Return type:

dict

Parameters:
  • sha256 (str) – SHA256 to identify parent sample
  • customerID (list) – Search by customer IDs
  • offset (int) – Skip a number of results
  • limit (int) – Maximum number of returned results
Raises:
Returns:

{"offset": 693, "limit": 127, "responseCode": 200, "count": 772, "data": [{"id": 14, "sha256": "Sell compare go hold choice yeah.", "createdTimestamp": 291705619, "owner": "Purpose that several sell director stop.", "properties": {"additionalProperties": "Eight water room local employee senior population."}, "tlp": "AMBER"}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Spring star how federal something them walk.", "messageTemplate": "Major responsibility night reality wall.", "field": "Feel pass away court.", "parameter": {}, "timestamp": 170951112}], "currentPage": 188, "size": 441}

api.sampledb.v1.sample.get_sample_download(sha256: str, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch and download sample by SHA256. (DEV) Downloads the sample zip file for the specified SHA256.

Return type:

dict

api.sampledb.v1.sample.get_sample_tags(sha256: str, offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch tags of the sample identified by SHA256. (DEV)

Return type:

dict

Parameters:
  • sha256 (str) – SHA256 identifying the sample the tags belong to
  • offset (int) – Skip a number of results
  • limit (int) – Maximum number of returned results
Raises:
Returns:

{"offset": 331, "limit": 682, "responseCode": 200, "count": 925, "data": [{"id": 37, "producer": "Technology technology material capital ago serve heart girl.", "producerMeta": "Shake interest control like.", "value": "City reveal hair interest law itself movement.", "createdTimestamp": 1271986187}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Wall two camera.", "messageTemplate": "Think find father culture.", "field": "Writer each thank that position program.", "parameter": {}, "timestamp": 491713461}], "currentPage": 152, "size": 974}

api.sampledb.v1.sample.get_sandbox_pcap(sha256: str, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch and download sandbox pcap by sample SHA256. (DEV) Downloads the sandbox pcap for the specified sample SHA256.

Return type:

dict

api.sampledb.v1.sample.get_sandbox_procgraph(sha256: str, runUUID: str, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch sandbox procgraph by sample SHA256 and id. (DEV) Fetches the sandbox procgraph for the specified sample SHA256 and id.

Return type:

dict

api.sampledb.v1.sample.get_sandbox_runs(sha256: str, offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Fetch sandbox runs of the sample identified by SHA256. (DEV)

Return type:

dict

Parameters:
  • sha256 (str) – SHA256 identifying the sample the sandbox runs belong to
  • offset (int) – Skip a number of results
  • limit (int) – Maximum number of returned results
Raises:
Returns:

{"offset": 880, "limit": 413, "responseCode": 200, "count": 789, "data": [{"id": 892, "sha256": "General happen individual of save edge.", "runUUID": "Political standard claim rate she.", "startTimestamp": 1126577717, "endTimestamp": 1343483022, "ip": "Prove recent myself reduce develop serious.", "version": "Figure class produce occur today watch quickly maybe.", "duration": 197, "result": {}}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Tax right may meeting themselves education.", "messageTemplate": "Both decide time dinner as more.", "field": "Lay lose none thus.", "parameter": {}, "timestamp": 325810203}], "currentPage": 473, "size": 543}

api.sampledb.v1.sample.list_submissions_by_sample_id(sha256: str, customerID: list = None, offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Search for submissions defined by query params (DEV)

Return type:

dict

Parameters:
  • sha256 (str) – SHA256 to identify sample submissions
  • customerID (list) – Search by customer IDs
  • offset (int) – Skip a number of results
  • limit (int) – Maximum number of returned results
Raises:
Returns:

{"offset": 429, "limit": 636, "responseCode": 200, "count": 178, "data": [{"id": 515, "sha256": "Interest worry west lawyer newspaper.", "createdTimestamp": 1324075806, "owner": "Early past really instead loss.", "properties": {"additionalProperties": "Whom appear debate throw."}, "tlp": "AMBER"}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Challenge meet remember field us affect turn certain.", "messageTemplate": "Others experience second pass need political investment.", "field": "Sell family college necessary alone similar public.", "parameter": {}, "timestamp": 1100543393}], "currentPage": 812, "size": 757}

api.sampledb.v1.sample.submit(customer: str = None, tlp: str = None, data: str = None, clientName: str = None, fileName: str = None, enableSandboxAnalysis: bool = 'True', enableAntivirusScan: bool = 'True', allowSandboxInternetAccess: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict

Submit a sample for analysis (DEV)

Return type:

dict

Parameters:
  • customer (str) – Customer ID or short name of the customer to register this sample to.
  • tlp (str) – TLP level of the sample.
  • data (str) – The sample data.
  • clientName (str) – Name of client application. => [sw{}$-().[]“‘_/,*+#:@!?;]*
  • fileName (str) – Name of submitted file. => Sanitize by regex [a-zA-Z0-9ÅåØøÆæ_-. ]*
  • enableSandboxAnalysis (bool) – Enable sandbox analysis of sample. (default true)
  • enableAntivirusScan (bool) – Enable antivirus scan of sample. (default true)
  • allowSandboxInternetAccess (bool) – Allow internet access to sandbox. (default false)
Raises:
Returns:

{"offset": 479, "limit": 66, "responseCode": 200, "count": 1000, "metaData": {"additionalProperties": {}}, "messages": [{"message": "Pass Mr instead seem generation century.", "messageTemplate": "Daughter never idea begin.", "field": "Four more case plant.", "parameter": {}, "timestamp": 1054603413}], "currentPage": 750, "size": 384}
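
Client-side checks for the fileName and sha256 arguments documented above, as an added example that is not part of the autogenerated API or the project's own code. It assumes the hyphen in the documented fileName character set is a literal (as written, "_-." is a reversed range that Python's re rejects) and that sha256 values are 64-character hex digests; all function names are hypothetical and the sample inputs are constructed.

```python
import re
import unicodedata

# Pattern exactly as the fileName parameter documents it.
DOCUMENTED = "[a-zA-Z0-9ÅåØøÆæ_-. ]*"
# Assumption: the hyphen is meant literally, so it is moved to the end of
# the class, where it cannot be read as a range operator.
FILE_NAME_ALLOWED = re.compile(r"[a-zA-Z0-9ÅåØøÆæ_. -]*")
# Assumption: sha256 arguments are 64-character hex digests.
SHA256_HEX = re.compile(r"[0-9a-fA-F]{64}")


def documented_pattern_compiles() -> bool:
    """Python rejects '_-.' as a range because '_' sorts after '.'."""
    try:
        re.compile(DOCUMENTED)
    except re.error:
        return False
    return True


def is_valid_file_name(name: str) -> bool:
    """True when every character of name is in the documented set."""
    return FILE_NAME_ALLOWED.fullmatch(name) is not None


def sanitize_file_name(name: str, replacement: str = "_") -> str:
    """Replace each character outside the documented set.

    NFC normalisation runs first, so 'A' followed by a combining ring
    becomes the single allowed code point 'Å' instead of being replaced.
    """
    name = unicodedata.normalize("NFC", name)
    return "".join(
        ch if FILE_NAME_ALLOWED.fullmatch(ch) else replacement for ch in name
    )


def is_sha256(value: str) -> bool:
    """True for a 64-character hex string, the usual SHA256 digest form."""
    return SHA256_HEX.fullmatch(value) is not None


if __name__ == "__main__":
    # Constructed inputs: path separators and control characters are replaced.
    for raw in ("../../etc/passwd", "invoice\r\n.pdf.exe", "A\u030argang.doc"):
        print(repr(raw), "->", repr(sanitize_file_name(raw)))
```

Dots are in the allowed set, so ".." sequences survive sanitisation; only the path separators are replaced.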

Module contents