ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How To Get Sample Information through the RAPI api on Malware Analysis Appliance (MAA)


Article ID: 168121


Updated On:


Malware Analysis Software - MA


User wants to get sample information from the box using the API
·        Returns the high-level metadata for a sample by either the integer sample_id provided or query strings.
·        If more than one sample is returned, it will be as a list under the results element.
·        If a sample is not found, an empty set will be returned.
·        By default it returns the last 100 samples. The max limit is 1000, if more results are required use the offset parameter to page the results back.


Examples using curl.

Return a single sample’s metadata.
curl http://ip_address/rapi/samples/<sample_id>

Return all samples marked with a source of customerOne.
curl http://ip_address/rapi/samples?source=customerOne

Return all samples that were uploaded by Robert Bob (rbob).
curl http://ip_address/rapi/samples?owner=rbob

Return all samples that have both the 'zeus' AND the 'bad' tags in the description.
curl http://ip_address/rapi/samples?hashtags=bad|zeus

Return all URL samples that have 'malicious_site' as part of their address.
curl http://ip_address/rapi/samples?url=malicious_site