When analyzing a file observable with a Cortex Analyzer from TheHive, the file name and its extension are lost or changed during the process. This behavior occurs when the observable is sent to Cortex for analysis and affects the subsequent handling and analysis of the file since the original file name and extension are significant for my analyzer.
Steps to Reproduce
Create a case in TheHive and add a file observable with a specific file name and extension.
Run the Analyzer in Cortex to analyze the file observable.
After the analysis is complete, observe that the file name and extension are changed or missing in the analysis results or observable details.
Possible Solutions
If you have any suggestions on how to maintain the original file name and extension throughout the analysis process
Complementary information
Any logs or configurations that showcase this behavior will be helpful. Here is an example of what happens to the file name before and after analysis
Problem Description
When analyzing a file observable with a Cortex Analyzer from TheHive, the file name and its extension are lost or changed during the process. This behavior occurs when the observable is sent to Cortex for analysis and affects the subsequent handling and analysis of the file since the original file name and extension are significant for my analyzer.
Steps to Reproduce
Possible Solutions
If you have any suggestions on how to maintain the original file name and extension throughout the analysis process
Complementary information
Any logs or configurations that showcase this behavior will be helpful. Here is an example of what happens to the file name before and after analysis