The ReversingLabs Operation enriches ThreatQ objects with context obtained from the ReversingLabs API.  Once a submission has happened, users can decide to add these attributes to ThreatQ as well as download the original ReversingLabs Summary Report.

The operation provides the following actions:

• Submit URL - submits a URL to the appliance for analysis.
• Submit File - submits a File to the appliance for analysis.
• URL Submission Status - checks the processing status of a submitted URL.
• Create PDF Report - initiates the creation of a PDF analysis.
• Get PDF Report - retrieves a PDF analysis report.
• Get Report Summary - retrieves a summary of the analysis report.
• Get Classification - retrieves classified information.
• Reanalyze Sample - tries to send previously uploaded files to be analyzed again

The operation is compatible with the following object types:

• Files
• Indicators
  • FQDN
  • MD5
  • SHA-1
  • SHA-256
  • SHA-512
  • URL