name: Malware
tasks:
  file-or-hash:
    name: Do you have the file or the hash?
    type: input
    schema:
      title: Malware
      type: object
      properties:
        file:
          type: string
          title: "I have the"
          enum: [ "File", "Hash" ]
    next:
      enter-hash: "file == 'Hash'"
      upload: "file == 'File'"

  enter-hash:
    name: Please enter the hash
    type: input
    schema:
      title: Malware
      type: object
      properties:
        hash:
          type: string
          title: Please enter the hash value
          minlength: 32
    next:
      virustotal: "hash != ''"

  upload:
    name: Upload the malware
    type: input
    schema:
      title: Malware
      type: object
      properties:
        malware:
          type: object
          x-display: file
          title: Please upload the malware
    next:
      hash: "malware"

  hash:
    name: Hash the malware
    type: automation
    automation: hash.sha1
    payload:
      default: "playbook.tasks['upload'].data['malware']"
    next:
      virustotal:

  virustotal:
    name: Send hash to VirusTotal
    type: automation
    automation: vt.hash
    args:
      hash: "playbook.tasks['enter-hash'].data['hash'] || playbook.tasks['hash'].data['hash']"
    # next:
    #   known-malware: "score > 5"
    #   sandbox: "score < 6" # unknown-malware