Get Samples for Hash Behaviors - Cloud Security API

{"type":"api","title":"Get Samples for Hash Behaviors","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/0c55b142-e159-3ace-b5f9-be50ad69a5f1","info":{"title":"Cisco Umbrella Investigate API","description":"The Umbrella Investigate API provides a complete view of domains in relation to IP and autonomous system number (ASN) information.\nYou can get the following domain information:\n\n* Domain status, risk score, and geolocation\n* Number of domain searches\n* Co-occurring domains\n* Subdomains of a domain\n* Tagged timeline of a domain, IP, or URL\n* Security reputation of a domain\n* Top accessed domains\n* WHOIS information for the domain\n* Threat intelligence data for domains, IPs, and URLs\n* Threat intelligence samples by file hash","version":"2.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Domain Status and Categorization"},{"name":"Domain Volume"},{"name":"Co-occurrences for a Domain"},{"name":"Passive DNS"},{"name":"Tagging Timeline"},{"name":"Subdomains for a Domain"},{"name":"Related Domains for a Domain"},{"name":"Security Information for a Domain"},{"name":"AS Information for a Domain"},{"name":"WHOIS Information for a Domain"},{"name":"Popularity List-Top Million Domains"},{"name":"Search Domain"},{"name":"Cisco Secure Malware Analytics Integration"},{"name":"Umbrella"}],"x-parser-conf":{"overview":{"markdownPath":"reference/investigate/investigate-overview.md","uri":"umbrella-api-reference-investigate-api-overview"}},"openapi":"3.0.0","servers":[{"url":"https://api.umbrella.com/{basePath}","variables":{"basePath":{"default":"investigate/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"scopes":{"investigate.investigate:read":"Investigate read access","investigate.bulk:read":"Investigate bulk read access"},"tokenUrl":"https://api.umbrella.com/auth/v2/token"}}}}},"spec":{"summary":"Get Samples for Hash Behaviors","operationId":"getSampleHashBehaviors","tags":["Cisco Secure Malware Analytics Integration","Umbrella"],"description":"Get the information about specific actions or unique properties of this sample,\nespecially local to your network or the computer where the sample is run.","parameters":[{"name":"hash","in":"path","required":true,"description":"A hash value.","schema":{"type":"string"},"example":"3ee3cbe0ca92d2470f50712adf60fb03e4ad327fd78e630e004571b89db47cea","$$ref":"#/components/parameters/hash"},{"name":"limit","in":"query","required":false,"description":"The number of items to return in the response from the collection. The default limit is 10.\nIncrease the limit to request a larger set of data.","schema":{"type":"integer","default":10},"example":25,"$$ref":"#/components/parameters/limitParam"},{"name":"offset","in":"query","required":false,"description":"A number that represents an index in the collection. By default, the offset is 0 (the first record).","schema":{"type":"integer","default":0},"example":2,"$$ref":"#/components/parameters/offsetParam"}],"security":[{"oauthFlow":["investigate.investigate:read"]}],"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"The properties of the sample hash behaviors.","properties":{"totalresults":{"type":"integer","format":"int64"},"moreDataAvailable":{"type":"boolean","description":"Specifies whether more samples are available for the destination.","example":true,"$$ref":"#/components/schemas/moreDataAvailable"},"limit":{"type":"integer","description":"The maximum number of records to include in the response.","format":"int64","example":100,"$$ref":"#/components/schemas/limit"},"offset":{"type":"integer","description":"The place to start reading in the collection.","format":"int64","default":0,"example":5,"$$ref":"#/components/schemas/offset"},"behaviors":{"type":"array","description":"The list of behavioral information related to the destination.","items":{"type":"object","description":"The properties of the behavior.","properties":{"name":{"type":"string"},"title":{"type":"string"},"hits":{"type":"integer","format":"int64"},"confidence":{"type":"integer","format":"int64"},"severity":{"type":"integer","format":"int64"},"tags":{"type":"array","items":{"type":"string"}},"threat":{"type":"integer","format":"int64"},"category":{"type":"array","items":{"type":"string"}}},"$$ref":"#/components/schemas/Behavior"}}},"$$ref":"#/components/schemas/SampleHashBehaviors"},"example":{"totalResults":2,"moreDataAvailable":true,"limit":2,"offset":0,"behaviors":[{"name":"pe-packed-upx","title":"Executable Packed with UPX","hits":2,"confidence":30,"severity":30,"tags":["packer","crypter","encoding","PE"],"threat":9,"category":["attribute"]},{"name":"pe-header-timestamp-null","title":"PE COFF Header Timestamp is Not Set","hits":2,"confidence":60,"severity":5,"tags":["file","attributes","anomaly","PE"],"threat":3,"category":["attribute"]}]}}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"getSampleHashBehaviors","method":"get","path":"/sample/{hash}/behaviors"}}