Malpedia
App Vendor: Malpedia
Connector Category: Data Enrichment and Threat Intelligence
App Version in Orchestrate: 1.0.0
About App
The Malpedia app allows security teams to integrate with the Malpedia application to retrieve data about a specific threat actor or malware family. This data helps security analysts take the necessary actions against a specific actor, and it also provides a list of all the alternate names or synonyms that the threat actor may be operating under.
The Malpedia app is configured with the Orchestrate application to perform the following actions:
Action | Description |
---|---|
Find Malware Family Data | This action retrieves data about a malware family, such as a list of alternate names, malware IDs, and other metadata about the malware family. |
Find the Threat Actor Data | This action retrieves data about a threat actor, such as a list of all the synonyms used for the actor name. |
Configuration Parameters
This app does not require any configuration parameters. You can create instances of the Malpedia app without configuration parameters.
Action: Find Malware Family Data
This action retrieves data about a malware family, such as a list of all the alternate names used, malware IDs, and other metadata about the malware family.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Malware name | Enter the name of the malware. Example: "Malwareexamplename" | Text | Required | |
Example Request
[ { "malware": "Malwareexamplename" } ]
Action: Find the Threat Actor Data
This action retrieves data about a threat actor, such as a list of all the synonyms used for the actor name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Actor name | Enter the actor's name. Example: "Exampleactorname" | Text | Required | |
Example Request
[ { "actor": "Exampleactorname" } ]