
Hybrid Analysis

Modified on: Wed, 7 Sep, 2022 at 7:03 PM

Overview

Hybrid Analysis is an independent service, powered by Falcon Sandbox, that provides a subset of Falcon Sandbox capabilities. CrowdStrike Falcon Sandbox is an automated malware analysis solution: it performs deep analysis of evasive and unknown threats, enriches the results with threat intelligence, and delivers actionable indicators of compromise (IOCs).


Hybrid Analysis is a file analysis approach that combines runtime data with memory dump analysis to extract all possible execution pathways even for the most evasive malware. All data extracted from the Hybrid Analysis engine is processed automatically and integrated into the malware analysis reports. Users can search thousands of existing malware reports or download samples and IOCs.

With the help of these Transforms, investigators can query the Hybrid Analysis API directly from Maltego.


To read more, click here.


Hybrid Analysis Transforms

[HybridAnalysis] Query Hash

Transform Settings

| Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|
| Domain Name of Private Cloud Instance | string | www.hybrid-analysis.com | true | false | false |
| Hybrid-Analysis API Key | string | DefaultValue | false | true | false |
| Hybrid-Analysis API Secret | string | DefaultValue | false | true | false |

Transform Meta Info

| Information | Value |
|---|---|
| Display Name | [HybridAnalysis] Query Hash |
| Owner | iTDS |
| Author | iTDS@Paterva.com |
| Data Source | HybridAnalysis |
| Input Entities | maltego.affiliation.Twitter |
| Output Entities | Phrase |
| Short Description | |

Variants

| Transform Name |
|---|
| QueryHash |
| QueryMHash |


[HybridAnalysis] Query Domain

Transform Settings

| Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|
| Domain Name of Private Cloud Instance | string | www.hybrid-analysis.com | true | false | false |
| Hybrid-Analysis API Key | string | DefaultValue | false | true | false |
| Hybrid-Analysis API Secret | string | DefaultValue | false | true | false |

Transform Meta Info

| Information | Value |
|---|---|
| Display Name | [HybridAnalysis] Query Domain |
| Owner | iTDS |
| Author | iTDS@Paterva.com |
| Data Source | HybridAnalysis |
| Output Entities | Phrase |
| Short Description | |

Variants

| Transform Name | Input Entities |
|---|---|
| QueryDomain | maltego.DNSName |
| QueryDNS | maltego.Domain |

[HybridAnalysis] Query IP Address

Transform Settings

| Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|
| Domain Name of Private Cloud Instance | string | www.hybrid-analysis.com | true | false | false |
| Hybrid-Analysis API Key | string | DefaultValue | false | true | false |
| Hybrid-Analysis API Secret | string | DefaultValue | false | true | false |

Transform Meta Info

| Information | Value |
|---|---|
| Display Name | [HybridAnalysis] Query IP Address |
| Owner | iTDS |
| Author | iTDS@Paterva.com |
| Data Source | HybridAnalysis |
| Transform Name | QueryIP |
| Input Entities | maltego.IPv4Address |
| Output Entities | Phrase |
| Short Description | |

[HybridAnalysis] Query Similar Samples

Transform Settings

| Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|
| Domain Name of Private Cloud Instance | string | www.hybrid-analysis.com | true | false | false |
| Hybrid-Analysis API Key | string | DefaultValue | false | true | false |
| Hybrid-Analysis API Secret | string | DefaultValue | false | true | false |

Transform Meta Info

| Information | Value |
|---|---|
| Display Name | [HybridAnalysis] Query Similar Samples |
| Owner | iTDS |
| Author | iTDS@Paterva.com |
| Data Source | HybridAnalysis |
| Output Entities | Phrase |
| Short Description | |

Variants

| Transform Name | Input Entities |
|---|---|
| QuerySimilar | CS.Hash |
| QueryMSimilar | maltego.affiliation.Twitter |
