This workflow template, "Submit a File for Analysis to VMRay with Cache," automates the analysis of files for cybersecurity threats. It begins by checking whether the file's hash is already cached, which avoids redundant analysis. If the hash is not cached, the workflow queries VMRay, a threat analysis and detection platform, for the hash, and submits the file for analysis only if VMRay has no record of it. It then parses the sample analysis and returns a summary that includes Indicators of Compromise (IOCs), Verdict Threat Indicators (VTIs), scoring, and verdict information for threat intelligence enrichment.
Use Cases
Threat Intelligence Enrichment
Workflow Breakdown
Provide the link to the nested workflow along with integration information for VMRay and Torq.
Check if the hash of the file has been enriched and found in the cache. If found, return the results.
Query VMRay for the hash of the file and, if not found, submit the file for analysis with VMRay.
Parse the analysis results and return the sample summary including IOCs, VTIs, scoring and verdict information.
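The cache-first flow in the steps above, as an added sketch that is not Torq's or VMRay's own code. `query_by_hash`, `submit_file` and `FakeSandbox` are hypothetical stand-ins for the VMRay integration steps, and the result field names are a constructed shape, not VMRay's API schema.

```python
import hashlib
from typing import Callable, Optional

# Assumed names for the summary fields the workflow returns.
SUMMARY_FIELDS = ("verdict", "score", "iocs", "vtis")


def parse_summary(analysis: dict) -> dict:
    """Keep only the summary fields; reject results that lack any of them."""
    missing = [f for f in SUMMARY_FIELDS if f not in analysis]
    if missing:
        raise ValueError(f"analysis result lacks fields: {missing}")
    return {f: analysis[f] for f in SUMMARY_FIELDS}


def analyze_with_cache(data: bytes, cache: dict,
                       query_by_hash: Callable[[str], Optional[dict]],
                       submit_file: Callable[[bytes], dict]) -> dict:
    # Hash the content locally so the cache key never depends on a
    # caller-supplied file name or hash.
    sha256 = hashlib.sha256(data).hexdigest()
    if sha256 in cache:                      # cache hit: return stored result
        return {"sha256": sha256, "source": "cache", **cache[sha256]}
    analysis = query_by_hash(sha256)         # ask the platform by hash
    source = "hash_lookup"
    if analysis is None:                     # unknown hash: submit the file
        analysis = submit_file(data)
        source = "submission"
    summary = parse_summary(analysis)        # only parsed results are cached
    cache[sha256] = summary
    return {"sha256": sha256, "source": source, **summary}


class FakeSandbox:
    """Constructed in-memory stand-in for the platform, for offline runs."""

    def __init__(self, known: dict):
        self.known = dict(known)
        self.submissions = 0

    def query_by_hash(self, sha256: str) -> Optional[dict]:
        return self.known.get(sha256)

    def submit_file(self, data: bytes) -> dict:
        self.submissions += 1
        result = {"verdict": "clean", "score": 0, "iocs": [], "vtis": []}
        self.known[hashlib.sha256(data).hexdigest()] = result
        return result
```
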
Vendors
Utils, Torq, VMRay
Workflow Output
VMRay analysis details on the file sample.