Get binary details


Use this endpoint to get information about binaries.

curl --location --request POST '' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
    "accountId": 5153185,
    "filePath": "C:\\ProgramData\\Microsoft\\Windows Defender\\Definition Updates\\Backup\\mpasdlta.lkg",
    "serverHost": "3.0.1-ADM-060722"
200 OK
    "error": null,
    "data": {
        "fileName": "mpasdlta",
        "source": "Agent",
        "algorithms": [],
        "fileType": "EXE (Windows)",
        "filePath": "C:\\ProgramData\\Microsoft\\Windows Defender\\Definition Updates\\Backup\\mpasdlta.lkg",
        "tags": "",
        "firstDiscoveredDate": 1655980690290,
        "lastDiscoveredDate": 1655980690290,
        "scanName": null,
        "signingTimestamp": 0,
        "isSigned": "Yes",
        "serverHost": "3.0.1-ADM-060722",
        "certThumbprint": ["ea7d7ccb8a4cc08f0d9b0f3a9bae39f617eb82b3"],
        "hasFileChanged": true

Request parameters

Name Req/Opt Type Description
accountId required string Account ID.
filePath required string The file path from where the binary is discovered.
serverHost required string The server host associated with the binary.

Response parameters

Name Type Description
error object Includes error codes, if any.
data object Object with information about the binary.
.. fileName string Name of the file associated with the binary.
.. source string The scan used to identify the certificate.
Possible values: Sensor, Agent.
.. algorithm string Hashing algorithm and keysize (or length) in bits of the SSH key.
Possible values: ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519 256, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096.
.. fileType string Type of file.
.. filePath string The file path from where the binary is discovered.
.. tags string Custom tags added by certificate owner, subscriber, or other admin.
.. firstDiscoveredDate integer Date certificate was first found by CertCentral Discovery scan.
Format: epoch in millisecond.
Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.
Example: 1855828800000
.. lastDiscoveredDate integer Date certificate was last found by CertCentral Discovery scan.
.. scanName string Name of the scan.
.. signingTimestamp integer Time when the binary was signed.
.. isSigned string Whether the binary is signed or not.
.. serverHost string The server host associated with the binary.
Values are comma-separated.
.. certThumbprint List of string Thumbprint of signing certificates associated with the binary.
.. hasFileChanged boolean Whether the file changed after the scan run. first discovered by scan.