This integration is a series of Components that allow users to do malware analysis with ReversingLabs A1000 and TiCloud. The following apps and actions are available:
- Analyze File with ReversingLabs – The Reversing Labs API lets you submit a supported file type for ReversingLabs analysis. Use this app to automate the submission of new malware files. The app attempts to detect whether a file is in ZIP format and, if it is, automatically unzips the file before sending it to the ReversingLabs API.
- Download ReversingLabs Sample – This app downloads a sample residing on A1000. If a sample is in the cloud, you will need to download it to the A1000 instance that you are using first.
- Get ReversingLabs Summary Report – This app uses hash_value(s) to get a summary classification report and details for a sample or list of samples.
These apps can be found in the ThreatConnect App Catalog under the names: Analyze File with ReversingLabs, Download ReversingLabs Sample, and Get ReversingLabs Summary Report.