Skip to main content

Submit a File for Analysis to VMRay with Cache - Workflow Template

Submit a file to VMRay for analysis and provide a simple cache for the analysis results. Use public URLs or Torq file links to the file.

Updated this week

This Torq workflow template, "Submit a File for Analysis to VMRay with Cache," automates the process of analyzing potentially malicious files. It first checks if the file's hash is cached; if not, it submits the file to VMRay for detailed analysis. The workflow returns comprehensive results, including Indicators of Compromise (IOCs), threat indicators, and a verdict, enhancing threat intelligence and response capabilities.

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Provide the link to the nested workflow along with integration information for VMRay and Torq

  2. Check if the hash of the file has been enriched and found in the cache. If found return the results.

  3. Query VMRay for the hash of the file and if not found, submit the file for analysis with VMRay.

  4. Parse the analysis results and return the sample summary including IOCs, VTIs, scoring and verdict information.

Vendors

Utils, Torq, VMRay

Workflow Output

VMRay analysis details on the file sample.

Did this answer your question?