sandbox_report

package
v2.3.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 7, 2024 License: MIT Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Classification

type Classification struct {
	Type            string `json:"Type,omitempty"`
	Category        string `json:"Category,omitempty"`
	Score           int    `json:"Score,omitempty"`
	DetectedMalware string `json:"DetectedMalware,omitempty"`
}

type FileProperties

type FileProperties struct {
	FileType          string `json:"FileType,omitempty"`
	FileSize          int    `json:"FileSize,omitempty"`
	MD5               string `json:"MD5,omitempty"`
	SHA1              string `json:"SHA1,omitempty"`
	SHA256            string `json:"Sha256,omitempty"`
	Issuer            string `json:"Issuer,omitempty"`
	DigitalCerificate string `json:"DigitalCerificate,omitempty"`
	SSDeep            string `json:"SSDeep,omitempty"`
	RootCA            string `json:"RootCA,omitempty"`
}

type FullDetails

type FullDetails struct {
	Summary        SummaryDetail         `json:"Summary,omitempty"`
	Classification Classification        `json:"Classification,omitempty"`
	FileProperties FileProperties        `json:"FileProperties,omitempty"`
	Origin         *Origin               `json:"Origin,omitempty"`
	SystemSummary  []SystemSummaryDetail `json:"SystemSummary,omitempty"`
	Spyware        []*common.SandboxRSS  `json:"Spyware,omitempty"`
	Networking     []*common.SandboxRSS  `json:"Networking,omitempty"`
	SecurityBypass []*common.SandboxRSS  `json:"SecurityBypass,omitempty"`
	Exploit        []*common.SandboxRSS  `json:"Exploit,omitempty"`
	Stealth        []*common.SandboxRSS  `json:"Stealth,omitempty"`
	Persistence    []*common.SandboxRSS  `json:"Persistence,omitempty"`
}

type Origin

type Origin struct {
	Risk     string `json:"Risk,omitempty"`
	Language string `json:"Language,omitempty"`
	Country  string `json:"Country,omitempty"`
}

type RatingQuota

type RatingQuota struct {
	StartTime int    `json:"startTime,omitempty"`
	Used      int    `json:"used,omitempty"`
	Allowed   int    `json:"allowed,omitempty"`
	Scale     string `json:"scale,omitempty"`
	Unused    int    `json:"unused,omitempty"`
}

type ReportMD5Hash

type ReportMD5Hash struct {
	Details *FullDetails `json:"details,omitempty"`
}

type Service

type Service struct {
	Client *zia.Client
}

func New

func New(c *zia.Client) *Service

func (*Service) GetRatingQuota

func (service *Service) GetRatingQuota() ([]RatingQuota, error)

func (*Service) GetReportMD5Hash

func (service *Service) GetReportMD5Hash(md5Hash, details string) (*ReportMD5Hash, error)

GetReportMD5Hash retrieves the sandbox report for a specific MD5 hash with either full or summary details.

type Summary

type Summary struct {
	Detail         *SummaryDetail  `json:"Summary,omitempty"`
	Classification *Classification `json:"Classification,omitempty"`
	FileProperties *FileProperties `json:"FileProperties,omitempty"`
}

type SummaryDetail

type SummaryDetail struct {
	Status    string `json:"Status,omitempty"`
	Category  string `json:"Category,omitempty"`
	FileType  string `json:"FileType,omitempty"`
	StartTime int    `json:"StartTime,omitempty"`
	Duration  int    `json:"Duration,omitempty"`
}

type SystemSummaryDetail

type SystemSummaryDetail struct {
	Risk             string   `json:"Risk,omitempty"`
	Signature        string   `json:"Signature,omitempty"`
	SignatureSources []string `json:"SignatureSources,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL