[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThe ReversingLabs A1000 integration version 6.0 allows users to interact with the A1000 appliance through Google Security Operations SOAR.\u003c/p\u003e\n"],["\u003cp\u003eYou can delete samples and associated data from the A1000 appliance using the "Delete Sample" action, which operates on the Filehash entity.\u003c/p\u003e\n"],["\u003cp\u003eThe "Get Report" action retrieves a comprehensive report for a sample or multiple samples based on hash values, including detailed classifications and threat information, and can enrich the filehash entity.\u003c/p\u003e\n"],["\u003cp\u003eThe "Get Scan Status" action checks and returns the processing status of one or more hash values within the A1000 system.\u003c/p\u003e\n"],["\u003cp\u003eThe integration offers a "Ping" action to verify connectivity and an "Upload File" action to submit a file to the A1000 appliance for analysis, with the file information being enriched if results are found.\u003c/p\u003e\n"]]],[],null,["# ReversingLabs A1000\n===================\n\nIntegration version: 6.0\n\nConfigure ReversingLabs A1000 integration in Google Security Operations\n-----------------------------------------------------------------------\n\nFor detailed instructions on how to configure an integration in\nGoogle SecOps, see [Configure\nintegrations](/chronicle/docs/soar/respond/integrations-setup/configure-integrations).\n\nActions\n-------\n\n### Delete Sample\n\n#### Description\n\nDelete a set of samples that exist on the A1000 appliance. All related data\nincluding, extracted samples, and metadata will be deleted.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Filehash entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Get Report\n\n#### Description\n\nGet a summary classification report and all details for a sample or a list of\nsamples using hash value(s).\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Filehash entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n [\n {\n \"EntityResult\": {\n \"threat_status\": \"malicious\",\n \"local_last_seen\": \"2019-01-22T14: 21: 35.513535Z\",\n \"classification_origin\": {\n \"imphash\": \"\",\n \"sha1\": \"9747d177bddfc9809079283829e6bbbe315dcfa0\",\n \"sha512\": \"efabb440ab2b82dda2614308b8e2d5e1850ede3fb9c8e6f1e521f1b0728d621a6f5174c30b8e27d7964bcff0ae6b8a1a48ecc4a69d0dc3eae7eccf54a4791785\",\n \"sha256\": \"d3133784ef82208faaa3b917096d7c3e0ad9eb89a5eb4d7770418c8261da4a41\", \"md5\": \"242b13c72845a90a869ed0add78f6110\"\n },\n \"threat_name\": \"Android.Trojan.Agent\",\n \"local_first_seen\": \"2018-01-21T15: 30: 36.698843Z\",\n \"classification_reason\": \"cloud\",\n \"threat_level\": 5,\n \"trust_factor\": 5,\n \"md5\": \"2f61c5a77a64b3d45d651dc2fa7baff7\",\n \"aliases\":[\"76ea783ed0744703347a00403a73694c2a1e5a957f0f969b4284353fc7c919b4\"\n ]},\n \"Entity\": \"2f61c5a77a64b3d45d651dc2fa7baff7\"\n }\n ]\n\n### Get Scan Status\n\n#### Description\n\nReturn the processing status in the A1000 system for the list of hash values.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the Filehash entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n [\n {\n \"EntityResult\": \"processed\",\n \"Entity\": \"2f61c5a77a64b3d45d651dc2fa7baff7\"\n },{\n \"EntityResult\": \"processed\",\n \"Entity\": \"526e57077b938b3c3dbce56f8aaaa7be\"\n }\n ]\n\n### Ping\n\n#### Description\n\nTest connectivity.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Upload File\n\n#### Description\n\nUpload a file for analysis on the A1000 appliance.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n {\n \"threat_status\": \"unknown\",\n \"local_last_seen\": \"2019-01-28T11:40:23.195946Z\",\n \"classification_origin\": null,\n \"threat_name\": null,\n \"local_first_seen\": \"2019-01-28T11:09:06.752747Z\",\n \"classification_reason\": \"unknown\",\n \"threat_level\": 0,\n \"trust_factor\": 5,\n \"md5\": \"848d57fbd8e29afa08bd3f58dd30f902\",\n \"aliases\": [\n \"Notes.txt\"\n ]\n }\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
