Skip to main content
All CollectionsTemplatesBasic
Analyze File with ANY.RUN and Provide a Verdict - Workflow Template
Analyze File with ANY.RUN and Provide a Verdict - Workflow Template

Submit a file URL to ANY.RUN and wait for the analysis to complete. The workflow will send it verdict in the output.

Updated over 6 months ago

This workflow template facilitates threat intelligence enrichment by submitting a file URL to ANY.RUN for dynamic malware analysis. It automates the process of analyzing suspicious files: the workflow starts with the submission of the file URL, then waits for ANY.RUN to complete the analysis, periodically checking the status. Once the analysis is successfully concluded, the workflow extracts the verdict and other relevant output details, which can be utilized for threat assessment and decision-making within security operations.

Take Me to the Template

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Submit the URL of the file to ANY.RUN for analysis

  2. Wait for the analysis to complete, periodically check the status until complete

  3. If the analysis was successful, send the verdict with the workflow output.

Vendors

Utils, ANY.RUN

Workflow Output

Analysis information on the file scan from ANY.RUN

Tips

Trigger this workflow as a nested workflow to include file scan analysis to a parent workflow

Related Articles
Analyze Files in Netskope Sandbox with Cache - Workflow Template
Analyze URLs and Files in Triage Sandbox - Workflow Template
Analyze URLs and Files in Recorded Future Sandbox - Workflow Template
Submit a File for Analysis to VirusTotal with Cache - Workflow Template
Submit a File for Analysis to VMRay with Cache - Workflow Template
Did this answer your question?