Obtaining information about downloaded files

Kaspersky Research Sandbox provides an API to obtain information about files that were downloaded by the executed object.

Request

Request method: GET

Endpoint: https://<server name>/api/v1/sandbox/tasks/{task ID}/downloads

Parameters

Obtaining information about downloaded files

Parameter

Data type

Occurrence

Description

task_id

string

Required

Object execution task ID (GUID).

cURL command sample:

$ curl --user <user name> --request GET 'https://<server name>/api/v1/sandbox/tasks/<task ID>/downloads'

You will be asked to enter your password. The password is not displayed while you type it.

Responses

Endpoint returns a JSON object that contains information about downloaded files.

200 OK

Information about downloaded files obtained successfully.

200 OK response parameters

Parameter

Data type

Description

Zone

string

Danger level of downloaded file (for example, Red).

Md5

string

MD5 hash function of downloaded file.

Sha1

string

SHA1 hash of downloaded file.

Sha256

string

SHA256 hash of downloaded file.

DetectionNames

array

Name of detected object (for example, Trojan-Downloader.Script.Generic).

Name

string

File name of downloaded file (for example, sample.exe).

Size

integer

Downloaded file size (bytes).

Type

string

Downloaded file type.

IsHttpsTraffic

boolean

Indicates whether traffic that the downloaded file was extracted from is HTTPS.

TriggeredYaraRules

array

List of triggered YARA rules.

200 OK response example:

{

"Zone": "Grey",

"Md5": "string",

"Sha1": "string",

"Sha256": "string",

"DetectionNames": [],

"Name": "string",

"Size": 0,

"Type": "string",

"IsHttpsTraffic": false,

"TriggeredYaraRules": []

}

400 Bad Request

Failed to obtain information about downloaded files due to incorrect query.

400 Bad Request response parameters

Parameter

Data type

Description

code

string

Error ID.

message

string

Error description.

meta

string

Additional information, if available.

Error examples:

Incorrect task_id parameter:

{"code":6,"message":"task not found"}

Incorrect task_id parameter format:

{"code":29,"message":"bad task id"}

401 Unauthorized

Failed to obtain information about downloaded files due to incorrect user credentials.

404 Not Found

Task with specified ID not found.

500 Internal Server Error

Failed to obtain information about downloaded files due to an internal server error.

Page top