Learn how to ingest samples, launch staged analysis workflows, and discover the startup-generated MCP tool surface. 了解如何导入样本、启动 staged analysis workflow,并发现启动时生成的 MCP 工具面。
The primary entry point for all analysis. Ingest a PE binary and receive a structured triage result. 所有分析的主入口。导入 PE 二进制文件并接收结构化的分诊结果。
| Parameter参数 | Type类型 | Required必需 | Description描述 |
|---|---|---|---|
path | string | ✓ | Path to sample file样本文件路径 |
filename | string | — | Original filename (auto-detected)原始文件名(自动检测) |
source | string | — | Source label (e.g. "malware_zoo")样本来源标签 |
{
"name": "sample.ingest",
"arguments": {
"path": "C:\\samples\\target.exe",
"source": "manual_upload"
}
}
{
"sample_id": "sha256:a1b2c3d4...",
"filename": "target.exe",
"file_type": "PE32+",
"size": 1258291,
"triage": {
"is_dotnet": false,
"is_packed": true,
"packer_hint": "UPX",
"import_count": 42,
"section_count": 5
}
}
| Tool工具 | Category类别 | Description描述 |
|---|---|---|
sample.ingest | PE | Ingest & triage a PE sample导入并分诊 PE 样本 |
tool.help | Utility | Inspect schema fields, usage notes, surface role, and preferred primary tools查看 schema 字段、使用提示、工具面角色和首选主路径工具 |
tool.readiness | Utility | Passively check local/runtime readiness, runtime plane, execution semantics, and next actions before dispatch分发前被动检查本地/运行时就绪、runtime plane、执行语义和下一步动作 |
pe.headers | PE | Parse PE headers (DOS, COFF, Optional)解析 PE 头(DOS、COFF、可选头) |
pe.imports | PE | Extract import table提取导入表 |
pe.exports | PE | Extract export table提取导出表 |
pe.sections | PE | Section table with entropy带熵值的节表 |
pe.resources | PE | Resource directory tree资源目录树 |
static.resource.graph | PE | Build a PE resource and embedded-payload graph with entropy, magic, hashes, and string previews生成 PE 资源和嵌入 payload 图谱,包含熵值、magic、hash 和字符串预览 |
static.config.carver | Static | Carve URLs, hosts, registry paths, mutexes, HTTP client strings, and encoded blobs from raw bytes从原始字节提取 URL、主机、注册表路径、mutex、HTTP client 字符串和编码 blob |
static.behavior.classify | Static | Classify persistence, service install, scheduled task, WMI, process injection, DLL injection, APC, and hollowing indicators分类持久化、服务安装、计划任务、WMI、进程注入、DLL 注入、APC 和 hollowing 线索 |
pe.strings | PE | Extract printable strings提取可打印字符串 |
detect.compiler | Detect | Compiler & packer detection (DIE)编译器和加壳检测(DIE) |
yara.scan | YARA | Scan with YARA rules使用 YARA 规则扫描 |
capa.analyze | capa | Detect capabilities via capa通过 capa 检测能力 |
Orchestrate multi-stage analysis with the staged pipeline. 使用分阶段流水线编排多阶段分析。
| Tool工具 | Description描述 |
|---|---|
workflow.analyze.start | Start a staged analysis run启动分阶段分析运行 |
workflow.analyze.status | Check analysis run status检查分析运行状态 |
workflow.analyze.promote | Queue deeper stages for an existing run为已有运行排队更深阶段 |
workflow.analyze.auto | Intent router over start/promote; does not launch legacy heavyweight workflows directly基于 start/promote 的意图路由;不会直接启动旧重型 workflow |
workflow.summarize | Generate final summary report生成最终摘要报告 |
| Tool工具 | Description描述 |
|---|---|
ghidra.decompile | Decompile a function by name or address按名称或地址反编译函数 |
ghidra.functions.list | List all recovered functions列出所有恢复的函数 |
ghidra.xrefs | Cross-reference analysis交叉引用分析 |
ghidra.cfg | Control flow graph extraction控制流图提取 |
ghidra.pseudocode | Source-like pseudocode export类源码伪代码导出 |
| Tool工具 | Description描述 |
|---|---|
dynamic.auto_hook | Generate Frida hook plans from static evidence基于静态证据生成 Frida Hook 方案 |
dynamic.runtime.status | Read Runtime Node, Host Agent, Sandbox, Hyper-V, capability, and persisted session status without launching a backend读取 Runtime Node、Host Agent、Sandbox、Hyper-V、能力和持久化会话状态,不主动启动后端 |
dynamic.toolkit.status | Read Runtime Node debugger, dump, telemetry, network, .NET, and manual GUI tool inventory without launching or executing anything只读查询 Runtime Node 内调试器、dump、遥测、网络、.NET、手动 GUI 工具库存,不启动、不执行样本 |
dynamic.deep_plan | Build an explicit deep dynamic plan for behavior, CDB breakpoints, memory dumps, ProcMon/Sysmon/ETW-style telemetry, FakeNet-style labs, .NET, anti-evasion, TTD, x64dbg, and dnSpy profiles生成显式深度动态计划,覆盖行为、CDB 断点、内存 dump、ProcMon/Sysmon/ETW 风格遥测、FakeNet 风格网络实验、.NET、反逃逸、TTD、x64dbg 和 dnSpy 方案 |
debug.cdb.plan | Build planning-only CDB command batches and runtime.debug.command templates for API breakpoints, exception tracing, module-load stops, and dumps生成只规划不执行的 CDB 命令批次和 runtime.debug.command 模板,用于 API 断点、异常跟踪、模块加载停止和 dump |
debug.procdump.plan | Build planning-only ProcDump runtime.debug.command templates for crash, first-chance exception, timeout, and PID snapshot dumps生成只规划不执行的 ProcDump runtime.debug.command 模板,用于崩溃、first-chance 异常、超时和 PID 快照 dump |
debug.telemetry.plan | Build planning-only ProcMon, Sysmon, ETW, and event-log capture plans with cleanup and rollback guidance生成只规划不执行的 ProcMon、Sysmon、ETW 和事件日志采集方案,并包含清理和回滚要求 |
debug.network.plan | Build planning-only proxy sinkhole, ETW DNS, and FakeNet-style network lab profiles with runtime.debug.command templates生成只规划不执行的 proxy sinkhole、ETW DNS 和 FakeNet 风格网络实验方案,并包含 runtime.debug.command 模板 |
debug.managed.plan | Build planning-only .NET safe-run, SOS/CDB, ProcDump, resource review, and dnSpy handoff profiles生成只规划不执行的 .NET safe-run、SOS/CDB、ProcDump、资源复核和 dnSpy handoff 方案 |
debug.gui.handoff | Build artifact-backed x64dbg, WinDbg, and dnSpyEx manual GUI handoff notes for visible Sandbox/Hyper-V runtimes生成面向可见 Sandbox/Hyper-V runtime 的 x64dbg、WinDbg 和 dnSpyEx 手动 GUI 交接记录 |
dynamic.persona.plan | Build a planning-only Sandbox/Hyper-V persona checklist for user files, RecentDocs, Office traces, locale, network persona, and interaction timing生成只规划不启动的 Sandbox/Hyper-V persona 清单,覆盖用户文件、RecentDocs、Office 痕迹、区域设置、网络画像和交互节奏 |
dynamic.behavior.diff | Compare static behavior expectations against runtime observations and report confirmed, dormant, and unexpected behavior对比静态行为预期和运行时观察,报告已确认、未触发和意外行为 |
analysis.evidence.graph | Link static artifacts, runtime observations, and corroboration edges into a compact evidence graph把静态 artifact、运行时观察和相互印证边组织成紧凑证据图 |
hash.resolver.plan | Plan API hash resolver recovery from static strings and hash-like constants without executing the sample从静态字符串和疑似 hash 常量规划 API hash resolver 恢复,不执行样本 |
crypto.lifecycle.graph | Connect crypto findings, constants, runtime APIs, stages, and memory-region hints into a lifecycle graph把 crypto 发现、常量、运行时 API、阶段和内存区域线索连接成生命周期图 |
unpack.child.handoff | Carve resource, raw-sample, or raw-dump payload candidates and register bounded child samples with provenance从资源、原始样本或 raw dump 中提取 payload 候选,并注册带 provenance 的 child sample |
runtime.hyperv.control | Query Hyper-V status, list/create/restore checkpoints, or stop the configured runtime VM through Host Agent通过 Host Agent 查询 Hyper-V 状态、列出/创建/恢复 checkpoint 或停止配置的运行时 VM |
dynamic.behavior.capture | Run bounded behavior capture inside the active Runtime Node and persist process/module/file/TCP evidence在活动 Runtime Node 中执行受限行为捕获,并持久化进程、模块、文件、TCP 证据 |
dynamic.memory_dump | Capture and scan runtime memory through the active runtime backend通过活动运行时后端采集并扫描内存 |
sandbox.execute | Run bounded sandbox execution through the selected runtime backend and return execution_semantics showing live Windows Sandbox, live Hyper-V, safe simulation, or emulation通过所选运行时后端执行受限沙箱任务,并返回 execution_semantics 标明 live Windows Sandbox、live Hyper-V、safe simulation 或 emulation |
runtime.debug.session.start | Start or attach to a Windows Sandbox or Hyper-V VM runtime session; Hyper-V sessions accept hyperv_retention_policy values clean_rollback, stop_only, or preserve_dirty启动或附着 Windows Sandbox / Hyper-V VM 运行时会话;Hyper-V 会话可用 hyperv_retention_policy 选择 clean_rollback、stop_only 或 preserve_dirty |
runtime.debug.session.status | Inspect Host Agent and Runtime Node health for tracked sessions查询 Host Agent、Runtime Node 和会话健康状态 |
runtime.debug.command | Dispatch debug.session.*, sandbox.execute, behavior capture, telemetry, ProcDump, managed safe-run, or dump commands inside an active runtime session在活动运行时会话中分发 debug.session.*、sandbox.execute、行为捕获、遥测、ProcDump、managed safe-run 或转储命令 |
runtime.debug.session.stop | Release the runtime session and stop the selected backend when configured释放运行时会话,并按配置停止所选后端 |
| Tool工具 | Description描述 |
|---|---|
intel.c2.extract | Extract C2 indicators提取 C2 指标 |
intel.ioc.export | Export IOCs (STIX/OpenIOC)导出 IOC(STIX/OpenIOC) |
intel.family.classify | Malware family classification恶意软件家族分类 |
yara.generate | Auto-generate YARA rules自动生成 YARA 规则 |
sigma.generate | Auto-generate Sigma rules自动生成 Sigma 规则 |
The server uses persisted staged runs as the primary orchestration model. All analysis flows through a seven-stage pipeline with run-level contracts.服务器使用持久化分阶段运行作为主要编排模型。所有分析通过七阶段流水线以运行级别契约执行。
workflow.analyze.start → Create/reuse persisted run, execute fast_profile inline
workflow.analyze.status → Primary progress surface for clients and AI agents
workflow.analyze.promote → Queue deeper stages without rerunning compatible work| Stage阶段 | Backend Roles后端角色 |
|---|---|
fast_profile | PE leaf tools, preview strings, Rizin, YARA, YARA-X, UPXPE 叶工具、预览字符串、Rizin、YARA、YARA-X、UPX |
enrich_static | Full strings, FLOSS, capability triage, PE structure, crypto, Rust profile完整字符串、FLOSS、能力分类、PE 结构、加密、Rust 分析 |
function_map | Ghidra deep attribution + bounded Rizin corroborationGhidra 深度归因 + 有界 Rizin 校验 |
reconstruct | Reconstruct workflow + targeted RetDec and angr artifacts重建工作流 + 定向 RetDec 和 angr 产物 |
dynamic_plan | Static behavior classification, evidence-aware deep dynamic plan, readiness probes, breakpoint planning, Qiling, PANDA静态行为分类、证据感知深度动态计划、就绪探测、断点规划、Qiling、PANDA |
dynamic_execute | Safe simulation first, approval-gated execution paths安全模拟优先、审批门控执行路径 |
summarize | Persisted summary digests and report views持久化摘要和报告视图 |
The runtime separates fast reuse from deep isolation. Execution is admitted through explicit budget lanes:运行时将快速复用与深度隔离分离。执行通过显式预算通道准入:
preview-staticenrich-staticdeep-attributiondynamic-plandynamic-executemanual-executionartifact-onlyHigh-cost reusable outputs are persisted as canonical evidence per sample. Evidence families include:高成本可复用输出按样本持久化为规范证据。证据系列包括:
stringsbinary_rolecontext_linkbackend_previewsummaryLarge or expensive samples may not receive the same depth. The server reports boundaries explicitly instead of forcing clients to infer from warnings.大型或高开销样本可能不会获得相同的分析深度。服务器显式报告边界,而非迫使客户端从警告中推断。
| Level级别 | Description描述 |
|---|---|
quick | First-pass profile only仅首次画像 |
static_core | Static evidence + bounded enrichment静态证据 + 有界增强 |
deep_static | Deep static stage completed深度静态阶段完成 |
reconstruction | Reconstruction/export boundary reached重建/导出边界已达 |
dynamic_verified | Dynamic verification boundary reached动态验证边界已达 |
| State状态 | Meaning含义 |
|---|---|
queued | Work has not completed yet工作尚未完成 |
bounded | Intentionally partial result有意的部分结果 |
degraded | A deeper stage failed or fell back更深阶段失败或回退 |
completed | Workflow reached its intended boundary工作流达到预期边界 |
partial | Only a subset of expected evidence available仅有预期证据的子集可用 |
| Field字段 | Purpose用途 |
|---|---|
coverage_gaps | Names missing, skipped, blocked, or degraded domains列出缺失、跳过、阻塞或降级的领域 |
known_findings | Strongest evidence-backed conclusions within current boundary当前边界内最强的证据支持结论 |
suspected_findings | Plausible but heuristic conclusions合理但启发式的结论 |
unverified_areas | Domains not actually covered未实际覆盖的领域 |
upgrade_paths | Machine-readable next steps to close gaps机器可读的下一步操作以弥合差距 |
Use upgrade_paths instead of guessing. Common upgrades:使用 upgrade_paths 而非猜测。常见升级路径:
| Missing Domain缺失领域 | Action操作 |
|---|---|
ghidra_analysis | ghidra.analyze / analysis.context.link |
reconstruction_export | workflow.reconstruct |
summary_synthesis | workflow.summarize |
dynamic_behavior | dynamic.dependencies → sandbox.execute |
The staged runtime uses workflow.analyze.* as the primary orchestration contract. task.status is available for low-level job inspection but is not the main workflow surface.分阶段运行时使用 workflow.analyze.* 作为主要编排契约。task.status 可用于底层任务检查但不是主要工作流界面。
workflow.analyze.start(sample_id, goal='triage')
workflow.analyze.promote(run_id, through_stage='function_map')
workflow.analyze.status(run_id)| Tool工具 | Notes说明 |
|---|---|
workflow.analyze.promote | Queues deeper stages排队更深阶段 |
ghidra.analyze | Deep attribution backend深度归因后端 |
workflow.deep_static | Full static pipeline完整静态流水线 |
workflow.reconstruct | Source-like code export类源码导出 |
strings.extract(mode='full') | May return bounded preview depending on size可能根据大小返回有界预览 |
When a stage is queued: (1) prefer workflow.analyze.status(run_id); (2) only use task.status(job_id) for raw job details; (3) respect polling_guidance wait recommendations.当阶段排队时:(1) 优先使用 workflow.analyze.status(run_id);(2) 仅在需要原始任务详情时用 task.status(job_id);(3) 遵守 polling_guidance 等待建议。
Large staged responses may prune historical stage payloads and report this in top-level warnings. Use artifact.read for the full artifact payload. task.status also reports external_active_* memory telemetry for analyzer subprocesses that are still running outside the queue view.大型 staged 响应可能会裁剪历史阶段结果,并在顶层 warnings 中说明。完整内容请使用 artifact.read。task.status 还会通过 external_active_* 暴露仍在队列视图之外运行的 analyzer 子进程内存遥测。