Admin Guide

Synapse-MalwareBazaar Admin Guide

Configuration

Synapse-MalwareBazaar does not require an API key.

Dependencies

Synapse-MalwareBazaar requires the following Power-Ups to be installed:

Name   : synapse-fileparser
Version: >4.16.0,<=5.0.0
Desc   : Synapse-FileParser is used to extract the archived samples. If it is not installed, downloaded samples will not be extracted.

Permissions

Package (synapse-malwarebazaar) defines the following permissions:
power-ups.malwarebazaar.user     : Controls user access to Synapse-MalwareBazaar. ( default: false )

You may add rules to users/roles directly from Storm:

> auth.user.addrule visi power-ups.malwarebazaar.user
Added rule power-ups.malwarebazaar.user to user visi.

or:

> auth.role.addrule ninjas power-ups.malwarebazaar.user
Added rule power-ups.malwarebazaar.user to role ninjas.

Exported APIs

Synapse-MalwareBazaar does not currently export any APIs.

Workflows

Synapse-MalwareBazaar provides the following workflows in Optic:

Title: Configuration

Node Actions

Synapse-MalwareBazaar provides the following node actions in Optic:

Name : malwarebazaar.enrich
Desc : Enrich nodes using Synapse-MalwareBazaar.
Forms: file:bytes, hash:md5, hash:sha1, hash:sha256

Name : malwarebazaar.download
Desc : Download a sample from MalwareBazaar.
Forms: file:bytes, hash:sha256

Onload Events

Synapse-MalwareBazaar does not use any onload events.