Skip to main content
POST
/
v2
/
file
/
query
File Intelligence (V2)
curl --request POST \
  --url https://api.threatbook.io/v2/file/query
{
  "msg": "<string>",
  "response_code": 123,
  "data": {
    "multiengines": {},
    "summary": {},
    "signature": [
      {}
    ],
    "static": {},
    "pstree": {},
    "network": {},
    "dropped": [
      {}
    ],
    "strings": {}
  }
}

Query Parameters

apikey
string
required

Your API Key

You are able to get the key on "My API" page of i.threatbook.io.

Kindly note:

Please check if you have bound your access IP to the key and have the authority quotas to access this API before you interact with it.

resource
string
required

The file hash value used to retrieve the analysis report.

Supports sha256 / sha1 / md5.

sandbox_type
string

Sandbox Runtime Environment
Users can specify the sandbox runtime environment for the file to view dynamic analysis data in that specific environment (including behavioral signatures, process behavior, network behavior, dropped behavior, etc.).

The optional environments include:

  • Windows:

    • win7_sp1_enx64_office2013
    • win7_sp1_enx86_office2013
    • win7_sp1_enx86_office2010
    • win7_sp1_enx86_office2007
    • win7_sp1_enx86_office2003
    • win10_1903_enx64_office2016

  • Linux:

    • ubuntu_1704_x64
    • centos_7_x64

  • Kylin:

    • kylin_desktop_v10
query_fields
string

Optional data includes:

  • summary
  • network
  • signature
  • static
  • dropped
  • pstree
  • multiengines
  • strings

Response

msg
string
required
response_code
integer
required
data
object
required
I