The "Analyze Files with ANY.RUN Sandbox" workflow template streamlines file analysis for security operations. Given a file download URL, the workflow uses the ANY.RUN Sandbox to obtain a detailed JSON report that includes a verdict, Indicators of Compromise (IoCs), and an enrichment summary. It is suited to application security operations, endpoint detection and response, and threat intelligence enrichment.
Use Cases
Application Security Operations, Endpoint Detection and Response (EDR), Function, Threat Intelligence Enrichment
Workflow Breakdown
Accepts a file download URL as an input parameter.
The completed analysis report is retrieved and a sandbox summary is generated.
Indicators of Compromise (IPs, URLs, file hashes) are extracted from the analysis.
A final enrichment summary is produced, combining the report details with the extracted IoCs as the workflow output.
Vendors
Utils, ANY.RUN
Workflow Output
ANY.RUN Sandbox analysis report and verdict for the submitted file, and extracted IoCs.
