Views:

Submit files and URLs to the sandbox and view the analysis results in TrendAI Vision One™.

Submission limits:
  • Maximum file size: 100 MB (including extracted objects)
  • URLs: Up to 10 per submission; HTTP and HTTPS only
  • URL handling: TrendAI Vision One™ automatically normalizes submitted URLs to match how modern browsers parse them. You can paste URLs in their original form, including internationalized domain names and unencoded characters in paths.
  • Command-line arguments: Up to 1,024 characters (Portable Executable (PE) and script files only)
  • Password-protected archives: Default passwords are virus and infected

Procedure

  1. Go to Threat IntelligenceSandbox Analysis.
  2. Click Submit Object.
    The Submit Object panel appears.
  3. Select the object type.
    • File
      1. Click Select and locate a file for submission.
        Important
        Important
        • The sandbox only analyzes supported file types.
        • The total file size cannot exceed 100 MB, including extracted objects.
      2. Select and configure the submission type:
        • Single file: Submit only one file (default). For password-protected files, TrendAI Vision One™ tries the default passwords virus and infected. If the file uses a different password, specify the password during submission.
          • Arguments: Specify the command line arguments that the sandbox uses to run the submitted file object. Maximum 1,024 characters. Arguments apply only to Portable Executable (PE) files and script files.
          • Archive file password: If the submitted file is a password-protected archive, provide the password.
          • File password: If the submitted file is password-protected, provide the password.
        • Bundle file: Submit multiple related files as one. Bundle submissions allow you to submit an executable along with required dependencies and specify which file the sandbox should run.
          • File to run: Specify the file name in the bundle that you want the sandbox to execute.
          • Arguments: To execute specific parameters during analysis, specify the command-line arguments to run the bundle file. Maximum 1,024 characters. Arguments apply only to Portable Executable (PE) and script files.
          • Extraction path: To designate where the sandbox extracts all files, specify the complete path. To extract specific files to different paths, use File Name and Path.
          • Bundle file archive password: If the bundle file is password-protected, provide the password.
    • URLs
      1. Specify a URL with a maximum of 2,048 characters and then press ENTER.
        • You can submit up to 10 URLs to the sandbox.
        • The sandbox can only analyze HTTP and HTTPS addresses.
        • TrendAI Vision One™ automatically normalizes the URL the way a modern browser does. After you press ENTER, the URL appears in the input as its normalized form. Hover over a URL to see both the normalized URL and the URL you submitted.
        • If a URL cannot be normalized, the URL is rejected and Submit Object is unavailable until you remove or correct it.
        • URLs already in normalized form are submitted as-is.
  4. Click Submit Object.
    The Sandbox Analysis screen displays the status of submitted objects.
    The sandbox may not be able to analyze an object for various reasons.