Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
Clear
AutoFocus® API Reference
:
Sample Artifacts
Updated on
Fri Sep 01 02:09:44 UTC 2023
Focus
Download PDF
Updated on
Fri Sep 01 02:09:44 UTC 2023
Focus
Home
AutoFocus
AutoFocus® API Reference
Perform AutoFocus Searches
Search Field Names
Sample Artifacts
Download PDF
AutoFocus® API Reference
Sample Artifacts
Table of Contents
Filter
Expand all
|
Collapse all
About the AutoFocus API
AutoFocus API Overview
AutoFocus API Prerequisites
AutoFocus API Rate Limits
Rate Limits and Points Allotment
How to Track Points
Points Usage
AutoFocus API Resources
Resources for Initiating Searches
Resources for Viewing Search Results
Resources for Direct Searches
AutoFocus API STIX Support
STIX Elements and Fields
Get Started with the AutoFocus API
Get Your API Key
Make Your First AutoFocus API Calls
Start a Search
View Results
Perform AutoFocus Searches
Search Samples and Sessions
Search Field Names
General Artifacts
Sample Artifacts
Session Artifacts
Analysis Artifacts
Linux Artifacts
Windows Artifacts
Mac Artifacts
Android Artifacts
Macro Artifacts
Search Parameter Types and Operators
Search Countries and Country Codes
Search Top Tags, Session Histogram, and Session Aggregate Data
Search for Signatures
View Search Results
Perform Direct Searches
Get Session Details
Get Sample Analysis
Get Tags
Get Tag Details
Get Threat Indicator Feed
Get Custom Threat Indicator Feed
Get Threat Intelligence Card Summary
Export List
Get Anti-spyware, Vulnerability, and File-Format Signature
Get Antivirus Signature
Get DNS Signature
Get Geolocation
Get Anti-spyware, Vulnerability, and File-Format Release Info
AutoFocus API Error Codes
AutoFocus API Error Codes
Sample Artifacts
The following table provides field names and related information for sample artifacts.
Field Name
Artifact Type as it Appears on AutoFocus Web Portal
Field Type
Acceptable Values and Examples
sample.digital_signer
Digital Signer
string
Valid digital signature.
sample.filetype
File Type
select
7zip Archive
Adobe Flash File
Android APK
Android DEX
DLL
DLL64
ELF
JAVA Class
JAVA JAR
JScript
Link
Mac OS X app bundle in ZIP archive
Mac OS X app installer
MacOSX DMG
Mach-O
Macro
Microsoft Excel 97 - 2003 Document
Microsoft Excel Document
Microsoft PowerPoint 97 - 2003 Document
Microsoft PowerPoint Document
Microsoft Word 97 - 2003 Document
Microsoft Word Document
PDF
PE
PE64
PowerShell
RAR Archive
RTF
Shell Script
VBScript
sample.size
File Size
number
Sample size in bytes.
sample.finish_date
Finish Date
date
Timestamp of initial WildFire verdict.
Example:
2015-09-21T11:33:20
sample.create_date
First Seen
date
Timestamp when sample was first uploaded to WildFire.
sample.imphash
Import Table Hash
exactStringList
Import hash
Example:
099c0646ea7282d232219f8807883be0
sample.update_date
Last Updated
date
Sample update date timestamp.
sample.md5
MD5
exactStringList
MD5 hash.
Example:
d0b811f1fa5a3f63f337513c41cdf368
sample.sha1
SHA1
exactStringList
SHA1 hash.
Example:
91ee460785ba550cf24adf06265efb7f241fd4ec
sample.sha256
SHA256
exactStringList
SHA256 hash.
Example:
54cf20480c0fbefc9c35b3413c2930a5e1d2831950f175ca90b19ddb94fbba8c
sample.ssdeep
Ssdeep Fuzzy Hash
string
ssdeep hash value.
Example:
768:/1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJO53XR0IFAjr7LTEnb0HgjPikCBT5a:NQpQ5EP0ijnRTXJO53/Ajrq0Hgrik5
sample.malware
WildFire Verdict
select
Possible values:
Benign:
0
Malware:
1
Grayware:
2
sample.tasks.metadata_compilation_ts
Compilation Timestamp
date
Timestamp when a PE sample was created.
Example:
2018-09-21T10:21:12
Previous
General Artifacts
Next
Session Artifacts
