New FalconSubmission
Submit a sample to the Falcon X Sandbox
Requires 'Sandbox (Falcon X): Write'.
| Name | Type | Min | Max | Allowed | Pipeline | PipelineByName | Description |
|---|---|---|---|---|---|---|---|
| EnvironmentId | String |
androidmacOS_10.15ubuntu16_x64win7_x64win7_x86win10_x64
|
Analysis environment | ||||
| Sha256 | String | Sha256 hash value | |||||
| Url | String | A webpage or file URL | |||||
| SubmitName | String | Submission name | |||||
| ActionScript | String |
defaultdefault_maxantievasiondefault_randomfilesdefault_randomthemedefault_openie
|
Runtime script for sandbox analysis | ||||
| CommandLine | String | Command line script passed to the submitted file at runtime | |||||
| SystemDate | String | A custom date to use in the analysis environment | |||||
| SystemTime | String | A custom time to use in the analysis environment | |||||
| DocumentPassword | String | Auto-filled for Adobe or Office files that prompt for a password | |||||
| NetworkSetting | String |
defaulttorsimulatedoffline
|
Network settings to use in the analysis environment | ||||
| EnableTor | Boolean | Route traffic via TOR | |||||
| UserTag | String[] | Tags to categorize the submission |
New-FalconSubmission [-EnvironmentId] <String> [[-Sha256] <String>] [[-Url] <String>] [[-SubmitName] <String>] [[-ActionScript] <String>] [[-CommandLine] <String>] [[-SystemDate] <String>] [[-SystemTime] <String>] [[-DocumentPassword] <String>] [[-NetworkSetting] <String>] [[-EnableTor] <Boolean>] [[-UserTag] <String[]>] [-WhatIf] [-Confirm] [<CommonParameters>]The file submitted to the Falcon Intelligence Sandbox must be previously uploaded through Send-FalconSample.
New-FalconSubmission -Sha256 <sha256> -EnvironmentId win7_x86 -SubmitName virus.exeSee Send-FalconSample.
2022-10-10: PSFalcon v2.2.3
