https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/proposing-solution-failure-to-extract-zip-file-downloaded-from/m-p/1240202#M4170 <P><STRONG>Cisco Secure Malware Analytics (Threat Grid) v2</STRONG> is an OOTB integration comes as part of&nbsp;<STRONG>Cisco Secure Malware Analytics&nbsp;</STRONG>content pack to connect with ThreatGrid(TG) platform and achieve various functionalities.</P> <P><STRONG>Issue background</STRONG>: <EM>!threat-grid-sample-list</EM>&nbsp;integration command downloads resources for the given sample id from ThreatGrid depending on the type of artifacts provided as input.&nbsp;</P> <P>supported artifacts from TG are:&nbsp;<FONT face="comic sans ms,sans-serif" color="#0000FF">video.webm, network-artifacts.zip, report.html, sample.zip, screenshot.png, extracted-artifacts.zip, timeline.json, analysis.json, processes.json, network.pcap</FONT></P> <P>&nbsp;</P> <P>sample.zip is one such artifact which downloads zip file from TG encrypted with default password - "infected".</P> <P>&nbsp;</P> <P><STRONG>Issue:</STRONG> Above command downloads the zip file in corrupt format which fails to extract file from the downloaded zip. This is due to a bug in the&nbsp;Cisco Secure Malware Analytics (Threat Grid) v2 integration</P> <P>&nbsp;</P> <P><STRONG>Solution:&nbsp;</STRONG>Proposing a solution (attached in screenshot below) which the XSOAR team may patch in their next release.&nbsp;</P> <P>&nbsp;</P> <P>PAN closed support case&nbsp;<SPAN>Case#&nbsp;</SPAN><SPAN>03676558</SPAN></P> <P>&nbsp;</P> <P><LI-PRODUCT title="Cortex XSOAR" id="Cortex_XSOAR"></LI-PRODUCT>&nbsp;</P> <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1525074605">@kmcdade</a>&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/217752">@inagaria</a>&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/306009">@alindsay</a>&nbsp;</P> Fri, 17 Oct 2025 02:43:53 GMT V.Kopparad 2025-10-17T02:43:53Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/proposing-solution-failure-to-extract-zip-file-downloaded-from/m-p/1240202#M4170 <P><STRONG>Cisco Secure Malware Analytics (Threat Grid) v2</STRONG> is an OOTB integration comes as part of&nbsp;<STRONG>Cisco Secure Malware Analytics&nbsp;</STRONG>content pack to connect with ThreatGrid(TG) platform and achieve various functionalities.</P> <P><STRONG>Issue background</STRONG>: <EM>!threat-grid-sample-list</EM>&nbsp;integration command downloads resources for the given sample id from ThreatGrid depending on the type of artifacts provided as input.&nbsp;</P> <P>supported artifacts from TG are:&nbsp;<FONT face="comic sans ms,sans-serif" color="#0000FF">video.webm, network-artifacts.zip, report.html, sample.zip, screenshot.png, extracted-artifacts.zip, timeline.json, analysis.json, processes.json, network.pcap</FONT></P> <P>&nbsp;</P> <P>sample.zip is one such artifact which downloads zip file from TG encrypted with default password - "infected".</P> <P>&nbsp;</P> <P><STRONG>Issue:</STRONG> Above command downloads the zip file in corrupt format which fails to extract file from the downloaded zip. This is due to a bug in the&nbsp;Cisco Secure Malware Analytics (Threat Grid) v2 integration</P> <P>&nbsp;</P> <P><STRONG>Solution:&nbsp;</STRONG>Proposing a solution (attached in screenshot below) which the XSOAR team may patch in their next release.&nbsp;</P> <P>&nbsp;</P> <P>PAN closed support case&nbsp;<SPAN>Case#&nbsp;</SPAN><SPAN>03676558</SPAN></P> <P>&nbsp;</P> <P><LI-PRODUCT title="Cortex XSOAR" id="Cortex_XSOAR"></LI-PRODUCT>&nbsp;</P> <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1525074605">@kmcdade</a>&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/217752">@inagaria</a>&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/306009">@alindsay</a>&nbsp;</P> Fri, 17 Oct 2025 02:43:53 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/proposing-solution-failure-to-extract-zip-file-downloaded-from/m-p/1240202#M4170 V.Kopparad 2025-10-17T02:43:53Z