SophosIntelix

SophosIntelix_Submit_Static

Author: SOL
License: AGPL-V3
Version: 0.1
Supported observable types:
- file
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Use SophosLabs machine learning to understand the characteristics of your suspicious file, so you can see whether it is similar to known malware. For more information, or to sign up for SophosLabs Intelix (with a free tier), see https://www.sophos.com/en-us/labs/intelix.aspx

Configuration

clientID: Client ID for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

clientSecret: Client Secret for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

polling_interval: Time interval between two request attempts for the report
- Default value if not configured: 60
- Type of the configuration item: number
- The configuration item can contain multiple values: False
- Is required: False

Template samples for TheHive

No template samples to display.

SophosIntelix_GetReport

Author: SOL
License: AGPL-V3
Version: 0.3
Supported observable types:
- hash
- domain
- fqdn
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Fast and easy way to find out if the file is known Good, PUA (Potentially Unwanted Application), or Malware. For more information, or to sign up for SophosLabs Intelix (with a free tier), see https://www.sophos.com/en-us/labs/intelix.aspx

Configuration

clientID: Client ID for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

clientSecret: Client Secret for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

polling_interval: Time interval between two request attempts for the report
- Default value if not configured: 60
- Type of the configuration item: number
- The configuration item can contain multiple values: False
- Is required: False

Template samples for TheHive

No template samples to display.

SophosIntelix_Submit_Dynamic

Author: SOL
License: AGPL-V3
Version: 0.1
Supported observable types:
- file
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Detonate your suspicious file in the SophosLabs Sandbox and find out what behaviours it exhibits. For more information, or to sign up for SophosLabs Intelix (with a free tier), see https://www.sophos.com/en-us/labs/intelix.aspx

Configuration

clientID: Client ID for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

clientSecret: Client Secret for Sophos Labs Intelix
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

polling_interval: Time interval between two request attempts for the report
- Default value if not configured: 60
- Type of the configuration item: number
- The configuration item can contain multiple values: False
- Is required: False

Template samples for TheHive

No template samples to display.