This article explains how to get STIX (Structured Threat Information eXpression) output for a task on a Malware Analysis Appliance (MAA).
The support for STIX data output for tasks was introduced in MAA version 4.1.4
In the Ui: navigate to https://<maa-ip>/rapi/tasks/<task-Iid>
On the command line or in scripts use it this way:
curl -k -X GET https://<server_ip>/rapi/tasks/<task-id>/stix?token=<api-key>