File Upload
For potentially malicious files from office endpoints, Web/FTP/email attachments, or suspicious files on endpoints/servers, the system performs rapid detection using 22 antivirus scanning engines. Based on the file type, the system automatically selects an appropriate sandbox environment for dynamic analysis.
Query Parameters
Your API Key
You are able to get the key on "My API" page of i.threatbook.io.
Kindly note:
Please check if you have bound your access IP to the key and have the authority quotas to access this API before you interact with it.
Files to be analyzed must be no larger than 100 MB.
- Note: Do not upload files exceeding 100 MB.
- Supported file types include:
PE executables (EXE, DLL, COM, etc.), Office documents (DOC, XLS, PPT, etc.), PDF, HTML, script files, MSI, SWF, JAR, LNK, ELF, and various archive formats (ZIP, RAR, 7Z, etc.).
Sandbox Execution Environment
Users can specify the sandbox environment in which the file will be executed.
Available environments include:
-
Windows:
- win7_sp1_enx64_office2013
- win7_sp1_enx86_office2013
- win7_sp1_enx86_office2010
- win7_sp1_enx86_office2007
- win7_sp1_enx86_office2003
- win10_1903_enx64_office2016
-
Linux:
- ubuntu_1704_x64
- centos_7_x64
-
Kylin:
- kylin_desktop_v10
The sandbox execution time is 60s by default and can be adjusted as needed, up to a maximum of 300s.