
Submit URL to Malware Analytics

Out of Box

Response Workflow

This workflow submits a URL to Cisco Secure Malware Analytics for analysis. Supported observable: url


Change Log

Date Notes
Jun 23, 2020 - Initial release
Sep 10, 2021 - Updated to use the new system atomics

See the Important Notes page for more information about updating workflows.


Requirements

  • The following system atomics are used by this workflow:
    • Secure Malware Analytics - Submit URL
  • The following atomic actions must be imported before you can import this workflow:
    • None
  • The targets and account keys listed below
  • Cisco Secure Malware Analytics

Workflow Steps

  1. Fetch any necessary global variables
  2. Make sure the observable is supported
  3. Submit the URL provided as the observable to Secure Malware Analytics

Configuration

  • Provide the workflow with your Secure Malware Analytics API token by either:
    • Storing your token in a global variable and using the Fetch Global Variables group at the beginning of the workflow to update the Secure Malware Analytics API Key local variable; or
    • Removing the Fetch Global Variables group and adding your token directly to the Secure Malware Analytics API Key local variable
  • If you want to change the name of this workflow in the pivot menu, change its display name
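
The three workflow steps and the token handling described above, sketched in Python as an added example (not the workflow's or Cisco's own code). The host comes from the Targets table on this page; the `/api/v2/samples` path, the `url` form field, the Bearer header and the `SMA_API_TOKEN` variable name are assumptions, and the sample observable is constructed.

```python
import os
import urllib.parse
import urllib.request

# Host is from the Targets table; the path and field name are assumptions
# about the submission API, not taken from this page.
TARGET_HOST = "panacea.threatgrid.com"
SUBMIT_PATH = "/api/v2/samples"  # assumed
SUPPORTED_TYPES = {"url"}


def validate_observable(observable):
    """Step 2: accept only a well-formed http(s) URL observable."""
    if observable.get("type") not in SUPPORTED_TYPES:
        raise ValueError(f"unsupported observable type: {observable.get('type')!r}")
    value = (observable.get("value") or "").strip()
    parts = urllib.parse.urlsplit(value)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("observable value is not an absolute http(s) URL")
    return value


def build_submission(observable, token):
    """Step 3: build (but do not send) the HTTPS POST to the target."""
    if not token:
        raise ValueError("API token is empty")
    body = urllib.parse.urlencode({"url": validate_observable(observable)}).encode()
    return urllib.request.Request(
        f"https://{TARGET_HOST}{SUBMIT_PATH}",
        data=body,
        method="POST",
        # Token travels in a header (assumed scheme), never in the URL,
        # so it does not end up in proxy or access logs.
        headers={"Authorization": f"Bearer {token}"},
    )


if __name__ == "__main__":
    # Step 1: the token is fetched at run time instead of being hard-coded.
    api_token = os.environ.get("SMA_API_TOKEN", "")  # hypothetical variable name
    sample = {"type": "url", "value": "http://example.test/login"}  # constructed
    req = build_submission(sample, api_token or "constructed-placeholder")
    print(req.get_method(), req.full_url, req.data.decode())
    # To send: urllib.request.urlopen(req, timeout=30)
```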

Targets

Target Group: Default TargetGroup

| Target Name | Type | Details | Account Keys | Notes |
|---|---|---|---|---|
| ThreatGrid_Target | HTTP Endpoint | Protocol: HTTPS; Host: panacea.threatgrid.com; Path: None | None | Created by default |