This Torq workflow template, "Submit a File for Analysis to VMRay with Cache," automates the process of analyzing potentially malicious files. It first checks if the file's hash is cached; if not, it submits the file to VMRay for detailed analysis. The workflow returns comprehensive results, including Indicators of Compromise (IOCs), threat indicators, and a verdict, enhancing threat intelligence and response capabilities.
Use Cases
Threat Intelligence Enrichment
Workflow Breakdown
Provide the link to the nested workflow along with integration information for VMRay and Torq.
Check whether the file's hash has already been enriched and is in the cache. If found, return the results.
Query VMRay for the hash of the file and, if it is not found, submit the file to VMRay for analysis.
Parse the analysis results and return the sample summary, including IOCs, VTIs, scoring and verdict information.
Vendors
Utils, Torq, VMRay
Workflow Output
VMRay analysis details on the file sample.