Learning Malware Analysis by Monnappa K A

3.2 Querying Hash Values Using VirusTotal Public API

VirusTotal also provides scripting capabilities via its public API (https://www.virustotal.com/en/documentation/public-api/); it allows you to automate file submission, retrieve file/URL scan reports, and retrieve domain/IP reports.

The following is a Python script that demonstrates the use of VirusTotal's public API. The script takes a hash value (MD5/SHA1/SHA256) as input and queries the VirusTotal database. To use the script, you need Python 2.7.x, an internet connection, and a VirusTotal public API key (which can be obtained by signing up for a VirusTotal account). Once you have the API key, just update the api_key variable with ...
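
The hash lookup described above, written for Python 3 as an added example; it is not the book's script, which targets Python 2.7.x and is not shown on this page. It assumes the v2 `file/report` endpoint and its `response_code`, `positives`, `total` and `scans` fields; the function names and the sample report are constructed for illustration.

```python
import json
import re
import urllib.parse
import urllib.request

# v2 public API file-report endpoint (assumed; the page only links the API docs)
VT_REPORT_URL = "https://www.virustotal.com/vtapi/v2/file/report"
HASH_LENGTHS = {32: "MD5", 40: "SHA1", 64: "SHA256"}  # hex digits -> algorithm


def hash_type(value):
    """Return the algorithm name for a hex digest, or raise ValueError."""
    value = value.strip()
    if not re.fullmatch(r"[0-9a-fA-F]+", value) or len(value) not in HASH_LENGTHS:
        raise ValueError("not an MD5/SHA1/SHA256 hex digest: %r" % value)
    return HASH_LENGTHS[len(value)]


def summarize(report):
    """Reduce a v2 file report to a verdict plus the engines that flagged the file."""
    if report.get("response_code") != 1:  # 0: hash not in the dataset, -2: still queued
        return {"found": False, "positives": 0, "total": 0, "detections": {}}
    detections = {name: scan["result"]
                  for name, scan in report.get("scans", {}).items() if scan.get("detected")}
    return {"found": True, "positives": report["positives"],
            "total": report["total"], "detections": detections}


def query_hash(file_hash, api_key, timeout=30):
    """Look up one hash; only the digest is sent, the sample itself is not uploaded."""
    hash_type(file_hash)  # reject malformed input before spending API quota
    params = urllib.parse.urlencode({"apikey": api_key, "resource": file_hash.strip()})
    with urllib.request.urlopen(VT_REPORT_URL + "?" + params, timeout=timeout) as resp:
        if resp.status == 204:  # public API request-rate limit exceeded
            raise RuntimeError("VirusTotal rate limit exceeded, retry later")
        return summarize(json.load(resp))


# Constructed sample response: engine names and detection labels are made up.
SAMPLE_REPORT = {
    "response_code": 1, "positives": 2, "total": 3,
    "scans": {
        "EngineA": {"detected": True, "result": "Trojan.Generic"},
        "EngineB": {"detected": False, "result": None},
        "EngineC": {"detected": True, "result": "Win32.Sample"},
    },
}

if __name__ == "__main__":
    print(summarize(SAMPLE_REPORT))
```

A `found: False` result means only that VirusTotal has no report for that hash, not that the file is clean.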
