Cuckoo Sandbox
App Vendor: Cuckoo Sandbox
App Category: Data Enrichment & Threat Intelligence
Connector Version: 2.0.0
API Version: 1.0.0
About App
Cuckoo Sandbox is an open source automated malware analysis system. The Cuckoo Sandbox app enables security teams to integrate with the Cuckoo Sandbox community application to manage tasks and pre-submit analysis.
The Cuckoo Sandbox app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
List Tasks | This action lists all the tasks on Cuckoo Sandbox. |
Post File | This action submits a file for analysis to Cuckoo Sandbox. |
Post URL | This action submits a URL for analysis to Cuckoo Sandbox. |
View Task Details | This action displays the details of a task. |
Get Task Report | This action retrieves the report of a task. |
Get Task Summary | This action retrieves the summary of a task. |
Configuration Parameters
The following configuration parameters are required for the Cuckoo Sandbox app to communicate with the Cuckoo Sandbox enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL of the Cuckoo Sandbox. | Text | Required | |
API Token | Enter the API token to authorize with Cuckoo Sandbox. This is usually found in the cuckoo.conf file. | Text | Required |
Action: List Tasks
This action lists all the tasks on Cuckoo Sandbox.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Limit | Enter the limit to display the number of tasks returned. Example: 10 | Integer | Optional | |
Offset | Enter the offset to get responses from. Example: 0 | Integer | Optional | Default value: 0 |
Action: Post File
This action submits a file for analysis to Cuckoo Sandbox.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
File name | Enter the file name for analysis. Example: "malware_sample.exe" | Text | Required | The file name is available in Cuckoo. |
File path | Enter the corresponding file path. Example: "/tmp/malware_sample.exe" | Text | Required |
Action: Post URL
This action submits a URL for analysis to Cuckoo Sandbox.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL to submit | Enter the URL to submit for analysis to Cuckoo Sandbox. Example: "http://www.thisismalicious.com" | Text | Required |
Action: View Task Details
This action retrieves the details of a task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Task ID | Enter the task ID to get the details of. Example: 1230321 | Integer | Required |
Action: Get Task Report
This action retrieves the report of a task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Task ID | Enter the task ID to retrieve the report of a task. Example: 1230321 | Integer | Required |
Action: Get Task Summary
This action retrieves the summary of a task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Task ID | Enter the task ID to retrieve the summary of a task. Example: 1230321 | Integer | Required |