The ShadowDragon MalNet action enriches FQDNs, IP addresses, and file hashes with contextual threat intelligence from the ShadowDragon MalNet service, enabling analysts to quickly identify malware relationships, assess infection scope, and accelerate investigation and response efforts.

The integration provides the following action:

• ShadowDragon MalNet - Enrich IOCs - enriches FQDNs, IP addresses, MD5 hashes, and SHA-256 hashes with user selected contextual data from the ShadowDragon MalNet API.

The integration is compatible with and enriches the following indicators types:

• FQDN
• IP Address
• MD5
• SHA-256

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.