Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In
CAPE Sandbox logo

CAPE Sandbox

Malware Analysis And Sandbox
Detection & Response Enablement

Overview

The CAPEv2 connector allows submitting File and Artifact observables for dynamic malware analysis, then imports the resulting extracted configurations, network IOCs, MITRE ATT&CK mappings, and payloads back into OpenCTI

CAPEv2 (Config And Payload Extraction) is an open-source malware sandbox derived from Cuckoo Sandbox, specifically designed for extracting malware configurations and payloads. It provides comprehensive behavioral analysis including process monitoring, network traffic capture, API tracing, and automated config extraction.

This connector integrates CAPEv2 with OpenCTI to submit File and Artifact observables for dynamic analysis, import extracted malware configurations, create relationships to MITRE ATT&CK techniques, extract network IOCs (domains, IP addresses), and upload extracted payloads and process dumps as related artifacts.

Basic information

CAPE Sandbox
Connectors
Internal enrichment
6.8.13
2

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.