This service uses Triage Sandbox to query and analyse submissions, returning Triage signatures, malware configs, and network information (with optional PCAP data).
root_url- The API URL to use (https://api.tria.ge, https://private.tria.ge/api, etc.)api_key- Sets a service-wide API key.allow_dynamic_submit- Allow dynamic submission of files. This overrides the submission parameter.
analysis_timeout_in_seconds- Sets the analysis time.network- Sets the network type to be used for analysis. These are the available options:internet- Internet enableddrop- Internet disabledtor- Tor networksim200- Simulate with HTTP 200 responsessim404- Simulate with HTTP 404 responsessimnx- Simulate failing DNS
api_key- A submission-level API key. This overrides the service-configured key.use_existing_submission- If this is true, the service searches for and uses the latest result from Triage.extract_pcap- Adds the PCAP for each task as an extracted file for futher analysis by services.extract_memdump- Adds memdump files for each task for further analysis by services.extract_dropped_files- Adds dropped files for each task for further analysis by services.allow_dynamic_submit- If the service config allows dynamic submission, this will submit the sample to Triage.submit_as_url- Submits the request URI to Triage for analysis.
MAX_ANALYSIS_TIMEOUT- Sets the max timeout to wait for analysis to finish. This should be longer than the analysis timeout in the submission parameters to allow time for Triage to upload results. (Default: 600 seconds)