get_list_of_recent_analyses
Retrieve a summary of recent malware analysis submissions from Joe Sandbox Cloud, including detection scores, threat classifications, and metadata for follow-up investigation.
Instructions
List recent analyses submitted by the user.
This tool returns a summary of the most recent sandbox analyses performed in the current account. Each entry includes the submission ID and a minimal set of metadata useful for follow-up actions such as downloading artifacts or examining behavior.
By default, the tool returns the latest 20 analyses. You can override the `limit` parameter to retrieve more or fewer entries.
For each analysis, the following fields are returned:
- webid: Unique submission identifier.
- time: Timestamp of when the analysis was submitted.
- filename: Original submitted filename or URL.
- sha256: SHA-256 hash of the submitted object.
- score: Final detection score assigned by the sandbox.
- detection: Verdict (e.g., clean, suspicious, malicious).
- classification: Malware family or type (if available).
- threatname: Named threat label (e.g., campaign or actor), if detected.
- systems: List of sandbox systems the sample was run on.
- num_runs: Total number of sandbox executions (runs) for this submission.
Args:
limit (optional, default = 20): The number of most recent analyses to return.
Returns:
A list of dictionaries summarizing each recent analysis.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No |
Input Schema (JSON Schema)
{
"properties": {
"limit": {
"default": 20,
"title": "Limit",
"type": "integer"
}
},
"type": "object"
}