Queries the cloud sandbox check results of malicious files.
Debugging
Authorization information
There is currently no authorization information disclosed in the API.
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
Field | string | No | The field that you want to query. You can enter multiple fields and separate them with commas (,). Valid values:
| Basic,,ThreatTypes,Intelligences,Sandbox |
EventId | long | No | The event ID that corresponds to the file to be detected. | 81**** |
FileHash | string | No | The hash value of the file to be detected. | b63917332950e5d219d0737ffe31**** |
Lang | string | No | The language of the content within the request and response. Valid values:
| en |
SourceType | string | No | The data source type. Valid values:
| object_scan |
Response parameters
Examples
Sample success responses
JSON
format
{
"Data": {
"FileHash": "c42b5f6bde0b730ece2923266333****",
"ThreatLevel": 2,
"Sandbox": "{'BehaviorData': {}, 'ProcessData': {}, 'SandboxData': {}, 'AttackData': [], 'NetworkData': {}, 'SolutionData': {}, 'FileData': {}}",
"Basic": " {\n \"sha256\": \"\",\n \"sha512\": \"\",\n \"source\": \"aegis\",\n \"gmt_first_submit\": \"\",\n \"sha1\": \"\",\n \"virus_result\": \"\",\n \"webshell_result\": \"\",\n \"gmt_update\": \"\",\n \"sandbox_result\": \"2\",\n \"fileSize\": \"363752\",\n \"virus_name\": \"\",\n }",
"Filename": "test.zip",
"HasData": true,
"Intelligences": "[\"The threat type\"]",
"ThreatTypes": "[{\"threat_type_desc\": \"test\",\"risk_type\": 1,\"threat_type\": \"\"}]",
"ShowTab": true
},
"RequestId": "A4EB8B1C-1DEC-5E18-BCD0-D1BBB393XXXX",
"Code": "200",
"Message": "successful",
"Success": true
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
403 | NoPermission | caller has no permission | You are not authorized to do this operation. |
500 | ServerError | ServerError | - |
For a list of error codes, visit the Service error codes.