
Capa


Author: Wes Lambert
License: AGPL-V3
Version: 1.0
Supported observables types:
- file
Registration required: False
Subscription required: False
Free subscription: False
Third party service: https://github.com/mandiant/capa

Description

Analyze files with Capa

Configuration

capa_path: Path to Capa binary (if installed locally, should be /opt/Cortex-Analyzers/analyzers/Capa/capa)
- Default value if not configured: /worker/Capa/capa
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Templates samples for TheHive

CAPA: Long report template