sample

Autogenerated API

argus_api.lib.sampledb.v1.sample.get_evil_samples(customerID: int = None, startTimestamp: int = None, endTimestamp: int = None, tlp: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Searches for evil samples. (PUBLIC)

Parameters
  • customerID (list) – Set of customer IDs to limit samples result.

  • startTimestamp (int) – Start of time search period for submission creation date. (default 24 hours before timestamp of request.)

  • endTimestamp (int) – End of time search period for submission creation date. (default Timestamp of request.)

  • tlp (list) – Set of TLPs to search for.

  • limit (int) – Set this value to set max number of results. (default 25)

  • offset (int) – Set this value to skip the first (offset) objects. By default, return result from first object. (default 0)

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch sample info identified by SHA256. (PUBLIC)

Parameters
  • sha256 (str) – SHA256 to identify sample info

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sample_aggregated(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch sample aggregated info identified by SHA256. (PUBLIC)

Parameters
  • sha256 (str) – SHA256 to identify sample aggregated info

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sample_children(sha256: str, customerID: int = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Get sample children submissions with search defined by query params (PUBLIC)

Parameters
  • sha256 (str) – SHA256 to identify parent sample

  • customerID (list) – Search by customer IDs

  • limit (int) – Maximum number of returned results

  • offset (int) – Skip a number of results

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sample_download(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch and download sample by SHA256 (PUBLIC)

Parameters
  • sha256 (str) – SHA256 to identify sample

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

requests.Response object or dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sample_tags(sha256: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch tags of the sample identified by SHA256. (PUBLIC)

Parameters
  • sha256 (str) – SHA256 identifying the sample the tags belong to

  • limit (int) – Maximum number of returned results

  • offset (int) – Skip a number of results

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sandbox_pcap(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch and download sandbox pcap by sample SHA256 (PUBLIC)

Parameters
  • sha256 (str) – SHA256 identifying the sample the sandbox pcap belongs to

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

requests.Response object or dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sandbox_procgraph(sha256: str, runUUID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch sandbox procgraph by sample SHA256 and id (PUBLIC)

Parameters
  • sha256 (str) – SHA256 identifying the sample the sandbox procgraph belongs to

  • runUUID (str) – Sandbox procgraph ID

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

requests.Response object or dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.get_sandbox_runs(sha256: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Fetch sandbox runs of the sample identified by SHA256. (PUBLIC)

Parameters
  • sha256 (str) – SHA256 identifying the sample the sandbox runs belong to

  • limit (int) – Maximum number of returned results

  • offset (int) – Skip a number of results

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.list_submissions_by_sample_id(sha256: str, customerID: int = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Search for submissions as defined by query params (PUBLIC)

Parameters
  • sha256 (str) – SHA256 to identify sample submissions

  • customerID (list) – Search by customer IDs

  • limit (int) – Maximum number of returned results

  • offset (int) – Skip a number of results

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v1.sample.submit(customer: str = None, tlp: str = None, data: str = None, clientName: str = None, fileName: str = None, enableSandboxAnalysis: bool = True, allowSandboxInternetAccess: bool = None, enableAntivirusScan: bool = True, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) -> dict

Submit a sample for analysis (PUBLIC)

Parameters
  • customer (str) – Customer ID or short name of the customer to register this sample to.

  • tlp (str) – TLP level of the sample.

  • data (str) – The sample data.

  • clientName (str) – Name of client application. => [\s\w\{\}\$\-\(\).\[\]"'_/\,\*\+\#:@!?;=]*

  • fileName (str) – Name of submitted file. => Sanitize by regex [a-zA-Z0-9ÅåØøÆæ_\-. ]*

  • enableSandboxAnalysis (bool) – Enable sandbox analysis of sample. (default true)

  • allowSandboxInternetAccess (bool) – Allow internet access to sandbox. (default false)

  • enableAntivirusScan (bool) – Enable antivirus scan of sample. (default true)

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON
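
A pre-flight helper for the calls documented above, added here as an example and not part of argus_api: it checks that a value has the shape of a SHA256 digest before it is passed as sha256, rewrites fileName to the character class documented for submit(), and builds keyword arguments with sandbox internet access explicitly off. The helper names, the "_" replacement and the "unnamed" fallback are assumptions; the encoding expected for data is not stated on this page, so data is passed through unchanged.

```python
import re

# Character class documented on this page for submit()'s fileName parameter.
_FILENAME_OK = re.compile(r"[a-zA-Z0-9ÅåØøÆæ_\-. ]")
_SHA256 = re.compile(r"[0-9a-fA-F]{64}")


def is_sha256(value) -> bool:
    """True only for a 64-character hex string.

    fullmatch() is used instead of '^...$' because '$' would also accept a
    trailing newline, which should never reach a lookup call.
    """
    return isinstance(value, str) and _SHA256.fullmatch(value) is not None


def sanitize_file_name(name: str, replacement: str = "_") -> str:
    """Keep the last path component and replace characters outside the class."""
    base = re.split(r"[\\/]", name)[-1]  # drop directory parts such as ../
    cleaned = "".join(
        c if _FILENAME_OK.fullmatch(c) else replacement for c in base
    )
    return cleaned or "unnamed"  # assumption: fallback for an empty result


def build_submit_kwargs(data: str, file_name: str, customer: str,
                        tlp: str, client_name: str) -> dict:
    """Keyword arguments for submit(), using the parameter names on this page."""
    return {
        "customer": customer,
        "tlp": tlp,
        "data": data,  # passed through; encoding is not documented here
        "clientName": client_name,
        "fileName": sanitize_file_name(file_name),
        "enableSandboxAnalysis": True,
        # Signature default is None; set the documented default explicitly.
        "allowSandboxInternetAccess": False,
        "enableAntivirusScan": True,
        "verify": True,  # keep TLS certificate verification on
    }
```

The resulting dict is meant to be unpacked into submit(**kwargs); is_sha256() is meant to gate every sha256 argument to the get_* functions.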