Enabling or Disabling Analysis of Embedded URLs in Files Using the CLI

Follow these steps to enable or disable analysis of URLs that are embedded in PDF and Microsoft Office files on the Malware Analysis appliance.

To enable analysis of embedded URLs in files:

  1. Enable the CLI configuration mode.

    hostname > enable
hostname # configure terminal

  2. Enable analysis of URLs that are embedded in files on the appliance.

    hostname (config) # static-analysis embedded-urls enable

  3. Verify the status of embedded URL analysis in files.

    hostname (config) # show static-analysis config

Static Analysis enabled                : yes
   AV-suite enabled                    : yes
   AV-suite version                    : 6
   SA on AV-suite whitelist enabled    : no
   AV-check enabled                    : yes
   Dropper enabled                     : yes
   YARA enabled                        : yes

Embedded object extraction enabled     : yes
Embedded URL extraction enabled        : yes
...

    4. The "Embedded URL extraction enabled:" line displays "yes" if embedded URL analysis is enabled.

To disable analysis of embedded URLs in files:

  1. Enable the CLI configuration mode.
    2. hostname > enable
hostname # configure terminal
  2. Disable analysis of URLs that are embedded in files on the appliance.
    3. hostname (config) # no  static-analysis embedded-urls enable
  3. Verify the status of embedded URL analysis in files.
    4. hostname (config) # show static-analysis config

Static Analysis enabled                : yes
   AV-suite enabled                    : yes
   AV-suite version                    : 6
   AV-check enabled                    : yes
   Dropper enabled                     : yes
   YARA enabled                        : yes

Embedded object extraction enabled     : yes
Embedded URL extraction enabled        : no
...

    The "Embedded URL extraction enabled:" line displays "no" if embedded URL analysis is disabled.