Obtaining information about dump files

Kaspersky Research Sandbox provides an API to obtain information about dump files (snapshots) of the file execution process and loaded modules.

This method is available only for objects that were executed in the mobile (Android) operating system environment.

Request

Request method: GET

Endpoint: https://<server name>/api/v1/sandbox/tasks/{task ID}/dumps

Parameters

Obtaining information about dump files

Parameter	Data type	Occurrence	Description
`task_id`	string	Required	Object execution task ID (GUID).

cURL command sample:

$ curl --user <user name> --request GET 'https://<server name>/api/v1/sandbox/tasks/<task ID>/dumps'

You will be asked to enter your password. The password is not displayed while you type it.

Responses

Endpoint returns a JSON object that contains information about dump files.

200 OK

Information about dump files obtained successfully.

200 OK response parameters

Parameter	Data type	Description
`Zone`	string	Danger level of the dump file (for example, Red).
`Md5`	string	MD5 hash function of the dump file.
`Sha1`	string	SHA1 hash of the dump file.
`Sha256`	string	SHA256 hash of the dump file.
`DetectionNames`	array	Name of the detected object (for example, Trojan-Downloader.Script.Generic).
`Name`	string	File name of the dump file (for example, sample.exe).
`Size`	integer	Dump file size (bytes).
`Type`	string	Dump file type.
`IsHttpsTraffic`	boolean	Indicates whether HTTPS was detected.
`TriggeredYaraRules`	array	List of triggered YARA rules.

200 OK response example:

{

"Zone": "Grey",

"Md5": "string",

"Sha1": "string",

"Sha256": "string",

"DetectionNames": [],

"Name": "string",

"Size": 0,

"Type": "string",

"IsHttpsTraffic": false,

"TriggeredYaraRules": []

}

400 Bad Request

Failed to obtain information about dump files due to incorrect query.

400 Bad Request response parameters

Parameter	Data type	Description
`code`	string	Error ID.
`message`	string	Error description.
`meta`	string	Additional information, if available.

Error examples:

Incorrect task_id parameter:

{"code":6,"message":"task not found"}

Incorrect task_id parameter format:

{"code":29,"message":"bad task id"}

401 Unauthorized

Failed to obtain information about dump files due to incorrect user credentials.

404 Not Found

Task with specified ID not found.

Error example:

The task_id parameter for a Windows task was specified for an Android endpoint:

{"code":35, "message":"task section not found"}

500 Internal Server Error

Failed to obtain information about dump files due to an internal server error.

Page top