Virus Total v2
v1.0.2
Virustotal can be used to analyze suspicious files and URLs to detect types of malware including viruses, worms, and trojans.
Connect Virustotal with LogicHub
- Navigate to Automations > Integrations.
- Search for Virus Total v2.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- API Key: The API key to connect to the Virustotal.
- After you've entered all the details, click Connect.
Actions for Virustotal
Analyze Domain
Retrieves a domain report
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | Select the name of the column in the parent table containing the domain to submit to VirusTotal. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: analysis details
{
"data": {
"id": "google.com",
"type": "domain",
"links": {
"self": "https://www.virustotal.com/api/v3/domains/google.com"
},
"attributes": {
"last_https_certificate_date": 1739248647,
"last_dns_records": [
{
"type": "A",
"ttl": 145,
"value": "142.251.183.102"
},
{
"type": "AAAA",
"ttl": 300,
"value": "2607:f8b0:4001:c64::66"
},
{
"type": "AAAA",
"ttl": 300,
"value": "2607:f8b0:4001:c64::71"
},
{
"type": "A",
"ttl": 145,
"value": "142.251.183.138"
},
{
"type": "MX",
"ttl": 68,
"priority": 10,
"value": "smtp.google.com"
},
{
"type": "NS",
"ttl": 21600,
"value": "ns4.google.com"
},
{
"type": "CAA",
"ttl": 8030,
"flag": 0,
"tag": "issue",
"value": "pki.goog"
},
{
"type": "NS",
"ttl": 21600,
"value": "ns1.google.com"
},
{
"type": "TXT",
"ttl": 3600,
"value": "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
},
{
"type": "SOA",
"ttl": 49,
"value": "ns1.google.com",
"rname": "dns-admin.google.com",
"serial": 724876523,
"refresh": 900,
"retry": 900,
"expire": 1800,
"minimum": 60
},
{
"type": "TXT",
"ttl": 3600,
"value": "apple-domain-verification=30afIBcvSuDV2PLX"
},
{
"type": "TXT",
"ttl": 3600,
"value": "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
},
{
"type": "TXT",
"ttl": 3600,
"value": "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
},
{
"type": "A",
"ttl": 145,
"value": "142.251.183.113"
},
{
"type": "TXT",
"ttl": 3600,
"value": "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
},
{
"type": "NS",
"ttl": 21600,
"value": "ns2.google.com"
},
{
"type": "TXT",
"ttl": 3600,
"value": "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
},
{
"type": "A",
"ttl": 145,
"value": "142.251.183.101"
},
{
"type": "A",
"ttl": 145,
"value": "142.251.183.100"
},
{
"type": "TXT",
"ttl": 3600,
"value": "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
},
{
"type": "A",
"ttl": 145,
"value": "142.251.183.139"
},
{
"type": "TXT",
"ttl": 3600,
"value": "v=spf1 include:_spf.google.com ~all"
},
{
"type": "NS",
"ttl": 21600,
"value": "ns3.google.com"
},
{
"type": "TXT",
"ttl": 3600,
"value": "cisco-ci-domain-verification=479146de172eb01ddee38b1a455ab9e8bb51542ddd7f1fa298557dfa7b22d963"
},
{
"type": "TXT",
"ttl": 3600,
"value": "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
},
{
"type": "AAAA",
"ttl": 300,
"value": "2607:f8b0:4001:c64::8b"
},
{
"type": "TXT",
"ttl": 3600,
"value": "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
},
{
"type": "TXT",
"ttl": 3600,
"value": "google-site-verification=4ibFUgB-wXLQ_S7vsXVomSTVamuOXBiVAzpR5IZ87D0"
},
{
"type": "AAAA",
"ttl": 300,
"value": "2607:f8b0:4001:c64::65"
}
],
"total_votes": {
"harmless": 400,
"malicious": 66
},
"creation_date": 874306800,
"jarm": "27d40d40d29d40d1dc42d43d00041d4689ee210389f4f6b4b5b1b93f92252d",
"last_update_date": 1722565053,
"whois": "Admin Country: US\nAdmin Organization: Google LLC\nAdmin State/Province: CA\nCreation Date: 1997-09-15T04:00:00Z\nCreation Date: 1997-09-15T07:00:00+0000\nDNSSEC: unsigned\nDomain Name: GOOGLE.COM\nDomain Name: google.com\nDomain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)\nDomain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited\nDomain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nDomain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)\nDomain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited\nDomain Status: serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)\nDomain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited\nDomain Status: serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)\nDomain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited\nDomain Status: serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)\nDomain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited\nName Server: NS1.GOOGLE.COM\nName Server: NS2.GOOGLE.COM\nName Server: NS3.GOOGLE.COM\nName Server: NS4.GOOGLE.COM\nName Server: ns1.google.com\nName Server: ns2.google.com\nName Server: ns3.google.com\nName Server: ns4.google.com\nRegistrant Country: US\nRegistrant Email: ca4484b9e50182bds@\nRegistrant Organization: 3307059bbb3149c4\nRegistrant State/Province: b1952dfc047df18a\nRegistrar Abuse Contact Email: abusecomplaints@markmonitor.com\nRegistrar Abuse Contact Phone: +1.2086851750\nRegistrar IANA ID: 292\nRegistrar Registration Expiration Date: 2028-09-13T07:00:00+0000\nRegistrar URL: http://www.markmonitor.com\nRegistrar WHOIS Server: whois.markmonitor.com\nRegistrar: MarkMonitor Inc.\nRegistrar: MarkMonitor, Inc.\nRegistry Domain ID: 2138514_DOMAIN_COM-VRSN\nRegistry Expiry Date: 2028-09-14T04:00:00Z\nTech Country: US\nTech Organization: Google LLC\nTech State/Province: CA\nUpdated Date: 2019-09-09T15:39:04Z\nUpdated Date: 2024-08-02T02:17:33+0000",
"popularity_ranks": {
"Majestic": {
"rank": 1,
"timestamp": 1739198287
},
"Statvoo": {
"timestamp": 1684083481,
"rank": 1
},
"Alexa": {
"timestamp": 1684083480,
"rank": 1
},
"Cisco Umbrella": {
"rank": 2,
"timestamp": 1739198293
},
"Quantcast": {
"timestamp": 1585755370,
"rank": 1
},
"Cloudflare Radar": {
"rank": 200,
"timestamp": 1739198281
}
},
"last_dns_records_date": 1739248647,
"registrar": "MarkMonitor Inc.",
"tags": [],
"reputation": 603,
"tld": "com",
"categories": {
"BitDefender": "searchengines",
"Sophos": "search engines",
"Forcepoint ThreatSeeker": "search engines and portals"
},
"last_analysis_stats": {
"malicious": 0,
"suspicious": 0,
"undetected": 28,
"harmless": 66,
"timeout": 0
},
"last_https_certificate": {
"cert_signature": {
"signature_algorithm": "sha256RSA",
"signature": "8ecdffaaa97fbbf637216dcbbf5b7b709ce4087dcbb36a40e79a3b8f1853de4a04ec1409903779d6515f02afdaa9609015b790c16683903bca765e99ccb49761a83a06ee040f277f6dc332d988be7ef9eeeb99fa1d25ff84d4fb3f95c72b6226ec9f10dc87844cfa3ebc3d47fe6c39b6bbc9d873a89cbc85570ffef35609324afcdc980dd44bf3301c1143ddb5ea63d1fae4b91e872162d8f421496ada07649a5c49dd77a8b3dddb094f12933466a8fb627c291d65a47f070359ca0d86352030c2dc5914be6857cebd7e10329c74e0527968572bda2c8397b7bab9df73388b02dca8717ea1454212669ca221469d96996ae9727787b4ac9844f71b736f81c600"
},
"extensions": {
"key_usage": [
"digitalSignature"
],
"extended_key_usage": [
"serverAuth"
],
"CA": false,
"subject_key_identifier": "6d090318ceec11d49322d02416090251655365d7",
"authority_key_identifier": {
"keyid": "de1b1eed7915d43e3724c321bbec34396d42b230"
},
"ca_information_access": {
"OCSP": "http://o.pki.goog/wr2",
"CA Issuers": "http://i.pki.goog/wr2.crt"
},
"subject_alternative_name": [
"*.google.com",
"*.appengine.google.com",
"*.bdn.dev",
"*.origin-test.bdn.dev",
"*.cloud.google.com",
"*.crowdsource.google.com",
"*.datacompute.google.com",
"*.google.ca",
"*.google.cl",
"*.google.co.in",
"*.google.co.jp",
"*.google.co.uk",
"*.google.com.ar",
"*.google.com.au",
"*.google.com.br",
"*.google.com.co",
"*.google.com.mx",
"*.google.com.tr",
"*.google.com.vn",
"*.google.de",
"*.google.es",
"*.google.fr",
"*.google.hu",
"*.google.it",
"*.google.nl",
"*.google.pl",
"*.google.pt",
"*.googleapis.cn",
"*.googlevideo.com",
"*.gstatic.cn",
"*.gstatic-cn.com",
"googlecnapps.cn",
"*.googlecnapps.cn",
"googleapps-cn.com",
"*.googleapps-cn.com",
"gkecnapps.cn",
"*.gkecnapps.cn",
"googledownloads.cn",
"*.googledownloads.cn",
"recaptcha.net.cn",
"*.recaptcha.net.cn",
"recaptcha-cn.net",
"*.recaptcha-cn.net",
"widevine.cn",
"*.widevine.cn",
"ampproject.org.cn",
"*.ampproject.org.cn",
"ampproject.net.cn",
"*.ampproject.net.cn",
"google-analytics-cn.com",
"*.google-analytics-cn.com",
"googleadservices-cn.com",
"*.googleadservices-cn.com",
"googlevads-cn.com",
"*.googlevads-cn.com",
"googleapis-cn.com",
"*.googleapis-cn.com",
"googleoptimize-cn.com",
"*.googleoptimize-cn.com",
"doubleclick-cn.net",
"*.doubleclick-cn.net",
"*.fls.doubleclick-cn.net",
"*.g.doubleclick-cn.net",
"doubleclick.cn",
"*.doubleclick.cn",
"*.fls.doubleclick.cn",
"*.g.doubleclick.cn",
"dartsearch-cn.net",
"*.dartsearch-cn.net",
"googletraveladservices-cn.com",
"*.googletraveladservices-cn.com",
"googletagservices-cn.com",
"*.googletagservices-cn.com",
"googletagmanager-cn.com",
"*.googletagmanager-cn.com",
"googlesyndication-cn.com",
"*.googlesyndication-cn.com",
"*.safeframe.googlesyndication-cn.com",
"app-measurement-cn.com",
"*.app-measurement-cn.com",
"gvt1-cn.com",
"*.gvt1-cn.com",
"gvt2-cn.com",
"*.gvt2-cn.com",
"2mdn-cn.net",
"*.2mdn-cn.net",
"googleflights-cn.net",
"*.googleflights-cn.net",
"admob-cn.com",
"*.admob-cn.com",
"googlesandbox-cn.com",
"*.googlesandbox-cn.com",
"*.safenup.googlesandbox-cn.com",
"*.gstatic.com",
"*.metric.gstatic.com",
"*.gvt1.com",
"*.gcpcdn.gvt1.com",
"*.gvt2.com",
"*.gcp.gvt2.com",
"*.url.google.com",
"*.youtube-nocookie.com",
"*.ytimg.com",
"android.com",
"*.android.com",
"*.flash.android.com",
"g.cn",
"*.g.cn",
"g.co",
"*.g.co",
"goo.gl",
"www.goo.gl",
"google-analytics.com",
"*.google-analytics.com",
"google.com",
"googlecommerce.com",
"*.googlecommerce.com",
"ggpht.cn",
"*.ggpht.cn",
"urchin.com",
"*.urchin.com",
"youtu.be",
"youtube.com",
"*.youtube.com",
"music.youtube.com",
"*.music.youtube.com",
"youtubeeducation.com",
"*.youtubeeducation.com",
"youtubekids.com",
"*.youtubekids.com",
"yt.be",
"*.yt.be",
"android.clients.google.com",
"*.android.google.cn",
"*.chrome.google.cn",
"*.developers.google.cn"
],
"certificate_policies": [
"2.23.140.1.2.1"
],
"crl_distribution_points": [
"http://c.pki.goog/wr2/oBFYYahzgVI.crl"
],
"1.3.6.1.4.1.11129.2.4.2": "0481f200f00076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0"
},
"validity": {
"not_after": "2025-04-14 08:36:03",
"not_before": "2025-01-20 08:36:04"
},
"size": 3598,
"version": "V3",
"public_key": {
"algorithm": "EC",
"ec": {
"oid": "secp256r1",
"pub": "3059301306072a8648ce3d020106082a8648ce3d030107034200046e576b72797e2341f42d23849553e468d0979b9256dabcf14569635d18d0a8879142030b695a41368e282b1e27256de53e9cb5f276f2f0c2e2cf13bd61fd8595"
}
},
"thumbprint_sha256": "956abfe93ab7ab8326fbca169799ebc91a5b399bf4281a2ffa860f5a4503381f",
"thumbprint": "aca68049bb245f7dc3bd8d4c355edd36ebf8c195",
"serial_number": "4363e8601434156912fa36d14137f267",
"issuer": {
"C": "US",
"O": "Google Trust Services",
"CN": "WR2"
},
"subject": {
"CN": "*.google.com"
}
},
"last_analysis_results": {
"Acronis": {
"method": "blacklist",
"engine_name": "Acronis",
"category": "harmless",
"result": "clean"
},
"0xSI_f33d": {
"method": "blacklist",
"engine_name": "0xSI_f33d",
"category": "undetected",
"result": "unrated"
},
"Abusix": {
"method": "blacklist",
"engine_name": "Abusix",
"category": "harmless",
"result": "clean"
},
"ADMINUSLabs": {
"method": "blacklist",
"engine_name": "ADMINUSLabs",
"category": "harmless",
"result": "clean"
},
"Axur": {
"method": "blacklist",
"engine_name": "Axur",
"category": "undetected",
"result": "unrated"
},
"Criminal IP": {
"method": "blacklist",
"engine_name": "Criminal IP",
"category": "harmless",
"result": "clean"
},
"AILabs (MONITORAPP)": {
"method": "blacklist",
"engine_name": "AILabs (MONITORAPP)",
"category": "harmless",
"result": "clean"
},
"AlienVault": {
"method": "blacklist",
"engine_name": "AlienVault",
"category": "harmless",
"result": "clean"
},
"alphaMountain.ai": {
"method": "blacklist",
"engine_name": "alphaMountain.ai",
"category": "harmless",
"result": "clean"
},
"AlphaSOC": {
"method": "blacklist",
"engine_name": "AlphaSOC",
"category": "undetected",
"result": "unrated"
},
"Antiy-AVL": {
"method": "blacklist",
"engine_name": "Antiy-AVL",
"category": "harmless",
"result": "clean"
},
"ArcSight Threat Intelligence": {
"method": "blacklist",
"engine_name": "ArcSight Threat Intelligence",
"category": "undetected",
"result": "unrated"
},
"AutoShun": {
"method": "blacklist",
"engine_name": "AutoShun",
"category": "undetected",
"result": "unrated"
},
"benkow.cc": {
"method": "blacklist",
"engine_name": "benkow.cc",
"category": "harmless",
"result": "clean"
},
"Bfore.Ai PreCrime": {
"method": "blacklist",
"engine_name": "Bfore.Ai PreCrime",
"category": "harmless",
"result": "clean"
},
"BitDefender": {
"method": "blacklist",
"engine_name": "BitDefender",
"category": "harmless",
"result": "clean"
},
"Bkav": {
"method": "blacklist",
"engine_name": "Bkav",
"category": "undetected",
"result": "unrated"
},
"Blueliv": {
"method": "blacklist",
"engine_name": "Blueliv",
"category": "harmless",
"result": "clean"
},
"Certego": {
"method": "blacklist",
"engine_name": "Certego",
"category": "harmless",
"result": "clean"
},
"Chong Lua Dao": {
"method": "blacklist",
"engine_name": "Chong Lua Dao",
"category": "harmless",
"result": "clean"
},
"CINS Army": {
"method": "blacklist",
"engine_name": "CINS Army",
"category": "harmless",
"result": "clean"
},
"Cluster25": {
"method": "blacklist",
"engine_name": "Cluster25",
"category": "undetected",
"result": "unrated"
},
"CRDF": {
"method": "blacklist",
"engine_name": "CRDF",
"category": "harmless",
"result": "clean"
},
"CSIS Security Group": {
"method": "blacklist",
"engine_name": "CSIS Security Group",
"category": "undetected",
"result": "unrated"
},
"Snort IP sample list": {
"method": "blacklist",
"engine_name": "Snort IP sample list",
"category": "harmless",
"result": "clean"
},
"CMC Threat Intelligence": {
"method": "blacklist",
"engine_name": "CMC Threat Intelligence",
"category": "harmless",
"result": "clean"
},
"Cyan": {
"method": "blacklist",
"engine_name": "Cyan",
"category": "undetected",
"result": "unrated"
},
"Cyble": {
"method": "blacklist",
"engine_name": "Cyble",
"category": "harmless",
"result": "clean"
},
"CyRadar": {
"method": "blacklist",
"engine_name": "CyRadar",
"category": "harmless",
"result": "clean"
},
"DNS8": {
"method": "blacklist",
"engine_name": "DNS8",
"category": "harmless",
"result": "clean"
},
"Dr.Web": {
"method": "blacklist",
"engine_name": "Dr.Web",
"category": "harmless",
"result": "clean"
},
"Ermes": {
"method": "blacklist",
"engine_name": "Ermes",
"category": "undetected",
"result": "unrated"
},
"ESET": {
"method": "blacklist",
"engine_name": "ESET",
"category": "harmless",
"result": "clean"
},
"ESTsecurity": {
"method": "blacklist",
"engine_name": "ESTsecurity",
"category": "harmless",
"result": "clean"
},
"EmergingThreats": {
"method": "blacklist",
"engine_name": "EmergingThreats",
"category": "harmless",
"result": "clean"
},
"Emsisoft": {
"method": "blacklist",
"engine_name": "Emsisoft",
"category": "harmless",
"result": "clean"
},
"Forcepoint ThreatSeeker": {
"method": "blacklist",
"engine_name": "Forcepoint ThreatSeeker",
"category": "harmless",
"result": "clean"
},
"Fortinet": {
"method": "blacklist",
"engine_name": "Fortinet",
"category": "harmless",
"result": "clean"
},
"G-Data": {
"method": "blacklist",
"engine_name": "G-Data",
"category": "harmless",
"result": "clean"
},
"GCP Abuse Intelligence": {
"method": "blacklist",
"engine_name": "GCP Abuse Intelligence",
"category": "undetected",
"result": "unrated"
},
"Google Safebrowsing": {
"method": "blacklist",
"engine_name": "Google Safebrowsing",
"category": "harmless",
"result": "clean"
},
"GreenSnow": {
"method": "blacklist",
"engine_name": "GreenSnow",
"category": "harmless",
"result": "clean"
},
"Gridinsoft": {
"method": "blacklist",
"engine_name": "Gridinsoft",
"category": "undetected",
"result": "unrated"
},
"Heimdal Security": {
"method": "blacklist",
"engine_name": "Heimdal Security",
"category": "harmless",
"result": "clean"
},
"Hunt.io Intelligence": {
"method": "blacklist",
"engine_name": "Hunt.io Intelligence",
"category": "undetected",
"result": "unrated"
},
"IPsum": {
"method": "blacklist",
"engine_name": "IPsum",
"category": "harmless",
"result": "clean"
},
"Juniper Networks": {
"method": "blacklist",
"engine_name": "Juniper Networks",
"category": "harmless",
"result": "clean"
},
"Kaspersky": {
"method": "blacklist",
"engine_name": "Kaspersky",
"category": "harmless",
"result": "clean"
},
"Lionic": {
"method": "blacklist",
"engine_name": "Lionic",
"category": "harmless",
"result": "clean"
},
"Lumu": {
"method": "blacklist",
"engine_name": "Lumu",
"category": "undetected",
"result": "unrated"
},
"MalwarePatrol": {
"method": "blacklist",
"engine_name": "MalwarePatrol",
"category": "harmless",
"result": "clean"
},
"MalwareURL": {
"method": "blacklist",
"engine_name": "MalwareURL",
"category": "undetected",
"result": "unrated"
},
"Malwared": {
"method": "blacklist",
"engine_name": "Malwared",
"category": "harmless",
"result": "clean"
},
"Netcraft": {
"method": "blacklist",
"engine_name": "Netcraft",
"category": "undetected",
"result": "unrated"
},
"OpenPhish": {
"method": "blacklist",
"engine_name": "OpenPhish",
"category": "harmless",
"result": "clean"
},
"Phishing Database": {
"method": "blacklist",
"engine_name": "Phishing Database",
"category": "harmless",
"result": "clean"
},
"PhishFort": {
"method": "blacklist",
"engine_name": "PhishFort",
"category": "undetected",
"result": "unrated"
},
"PhishLabs": {
"method": "blacklist",
"engine_name": "PhishLabs",
"category": "undetected",
"result": "unrated"
},
"Phishtank": {
"method": "blacklist",
"engine_name": "Phishtank",
"category": "harmless",
"result": "clean"
},
"PREBYTES": {
"method": "blacklist",
"engine_name": "PREBYTES",
"category": "harmless",
"result": "clean"
},
"PrecisionSec": {
"method": "blacklist",
"engine_name": "PrecisionSec",
"category": "undetected",
"result": "unrated"
},
"Quick Heal": {
"method": "blacklist",
"engine_name": "Quick Heal",
"category": "harmless",
"result": "clean"
},
"Quttera": {
"method": "blacklist",
"engine_name": "Quttera",
"category": "harmless",
"result": "clean"
},
"SafeToOpen": {
"method": "blacklist",
"engine_name": "SafeToOpen",
"category": "undetected",
"result": "unrated"
},
"Sansec eComscan": {
"method": "blacklist",
"engine_name": "Sansec eComscan",
"category": "undetected",
"result": "unrated"
},
"Scantitan": {
"method": "blacklist",
"engine_name": "Scantitan",
"category": "harmless",
"result": "clean"
},
"SCUMWARE.org": {
"method": "blacklist",
"engine_name": "SCUMWARE.org",
"category": "harmless",
"result": "clean"
},
"Seclookup": {
"method": "blacklist",
"engine_name": "Seclookup",
"category": "harmless",
"result": "clean"
},
"SecureBrain": {
"method": "blacklist",
"engine_name": "SecureBrain",
"category": "undetected",
"result": "unrated"
},
"Segasec": {
"method": "blacklist",
"engine_name": "Segasec",
"category": "undetected",
"result": "unrated"
},
"SOCRadar": {
"method": "blacklist",
"engine_name": "SOCRadar",
"category": "harmless",
"result": "clean"
},
"Sophos": {
"method": "blacklist",
"engine_name": "Sophos",
"category": "harmless",
"result": "clean"
},
"Spam404": {
"method": "blacklist",
"engine_name": "Spam404",
"category": "harmless",
"result": "clean"
},
"StopForumSpam": {
"method": "blacklist",
"engine_name": "StopForumSpam",
"category": "harmless",
"result": "clean"
},
"Sucuri SiteCheck": {
"method": "blacklist",
"engine_name": "Sucuri SiteCheck",
"category": "harmless",
"result": "clean"
},
"ThreatHive": {
"method": "blacklist",
"engine_name": "ThreatHive",
"category": "harmless",
"result": "clean"
},
"Threatsourcing": {
"method": "blacklist",
"engine_name": "Threatsourcing",
"category": "harmless",
"result": "clean"
},
"Trustwave": {
"method": "blacklist",
"engine_name": "Trustwave",
"category": "harmless",
"result": "clean"
},
"Underworld": {
"method": "blacklist",
"engine_name": "Underworld",
"category": "undetected",
"result": "unrated"
},
"URLhaus": {
"method": "blacklist",
"engine_name": "URLhaus",
"category": "harmless",
"result": "clean"
},
"URLQuery": {
"method": "blacklist",
"engine_name": "URLQuery",
"category": "harmless",
"result": "clean"
},
"Viettel Threat Intelligence": {
"method": "blacklist",
"engine_name": "Viettel Threat Intelligence",
"category": "harmless",
"result": "clean"
},
"VIPRE": {
"method": "blacklist",
"engine_name": "VIPRE",
"category": "undetected",
"result": "unrated"
},
"VX Vault": {
"method": "blacklist",
"engine_name": "VX Vault",
"category": "harmless",
"result": "clean"
},
"ViriBack": {
"method": "blacklist",
"engine_name": "ViriBack",
"category": "harmless",
"result": "clean"
},
"Webroot": {
"method": "blacklist",
"engine_name": "Webroot",
"category": "harmless",
"result": "clean"
},
"Yandex Safebrowsing": {
"method": "blacklist",
"engine_name": "Yandex Safebrowsing",
"category": "harmless",
"result": "clean"
},
"ZeroCERT": {
"method": "blacklist",
"engine_name": "ZeroCERT",
"category": "harmless",
"result": "clean"
},
"desenmascara.me": {
"method": "blacklist",
"engine_name": "desenmascara.me",
"category": "harmless",
"result": "clean"
},
"malwares.com URL checker": {
"method": "blacklist",
"engine_name": "malwares.com URL checker",
"category": "harmless",
"result": "clean"
},
"securolytics": {
"method": "blacklist",
"engine_name": "securolytics",
"category": "harmless",
"result": "clean"
},
"Xcitium Verdict Cloud": {
"method": "blacklist",
"engine_name": "Xcitium Verdict Cloud",
"category": "undetected",
"result": "unrated"
},
"zvelo": {
"method": "blacklist",
"engine_name": "zvelo",
"category": "undetected",
"result": "unrated"
},
"ZeroFox": {
"method": "blacklist",
"engine_name": "ZeroFox",
"category": "undetected",
"result": "unrated"
}
},
"last_analysis_date": 1739248646,
"last_modification_date": 1739263704,
"whois_date": 1738682976
}
}
}
Analyze File Hash
Retrieves a file hash report
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | Name of the column in the parent table containing file hash to submit to VirusTotal. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: analysis details
{
"data": {
"id": "49e29cd7c390097a4befdd6bb8c2cc5afb1cb4716c1f5f81c37eabfc1e7c0d1a",
"type": "file",
"links": {
"self": "https://www.virustotal.com/api/v3/files/49e29cd7c390097a4befdd6bb8c2cc5afb1cb4716c1f5f81c37eabfc1e7c0d1a"
},
"attributes": {
"tags": [
"python"
],
"last_submission_date": 1738562484,
"md5": "cdecd218aa40170be28946d549f0dbe8",
"times_submitted": 1,
"type_extension": "py",
"total_votes": {
"harmless": 0,
"malicious": 0
},
"unique_sources": 1,
"last_modification_date": 1738569787,
"sha1": "63ffdc6323a45578364ee3b3207d3a9f3e552738",
"magic": "Python script, ASCII text executable",
"last_analysis_results": {
"Bkav": {
"method": "blacklist",
"engine_name": "Bkav",
"engine_version": "2.0.0.1",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Lionic": {
"method": "blacklist",
"engine_name": "Lionic",
"engine_version": "8.16",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"MicroWorld-eScan": {
"method": "blacklist",
"engine_name": "MicroWorld-eScan",
"engine_version": "14.0.409.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"ClamAV": {
"method": "blacklist",
"engine_name": "ClamAV",
"engine_version": "1.4.2.0",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"CTX": {
"method": "blacklist",
"engine_name": "CTX",
"engine_version": "2024.8.29.1",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"CAT-QuickHeal": {
"method": "blacklist",
"engine_name": "CAT-QuickHeal",
"engine_version": "22.00",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Skyhigh": {
"method": "blacklist",
"engine_name": "Skyhigh",
"engine_version": "v2021.2.0+4045",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"McAfee": {
"method": "blacklist",
"engine_name": "McAfee",
"engine_version": "6.0.6.653",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Malwarebytes": {
"method": "blacklist",
"engine_name": "Malwarebytes",
"engine_version": "4.5.5.54",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Zillya": {
"method": "blacklist",
"engine_name": "Zillya",
"engine_version": "2.0.0.5291",
"engine_update": "20250131",
"category": "undetected",
"result": null
},
"Sangfor": {
"method": "blacklist",
"engine_name": "Sangfor",
"engine_version": "2.22.3.0",
"engine_update": "20250120",
"category": "undetected",
"result": null
},
"K7AntiVirus": {
"method": "blacklist",
"engine_name": "K7AntiVirus",
"engine_version": "12.215.54687",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"K7GW": {
"method": "blacklist",
"engine_name": "K7GW",
"engine_version": "12.215.54687",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"CrowdStrike": {
"method": "blacklist",
"engine_name": "CrowdStrike",
"engine_version": "1.0",
"engine_update": "20231026",
"category": "undetected",
"result": null
},
"Baidu": {
"method": "blacklist",
"engine_name": "Baidu",
"engine_version": "1.0.0.2",
"engine_update": "20190318",
"category": "undetected",
"result": null
},
"VirIT": {
"method": "blacklist",
"engine_name": "VirIT",
"engine_version": "9.5.882",
"engine_update": "20250131",
"category": "undetected",
"result": null
},
"Symantec": {
"method": "blacklist",
"engine_name": "Symantec",
"engine_version": "1.22.0.0",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"ESET-NOD32": {
"method": "blacklist",
"engine_name": "ESET-NOD32",
"engine_version": "30652",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"TrendMicro-HouseCall": {
"method": "blacklist",
"engine_name": "TrendMicro-HouseCall",
"engine_version": "10.0.0.1040",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Avast": {
"method": "blacklist",
"engine_name": "Avast",
"engine_version": "23.9.8494.0",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Cynet": {
"method": "blacklist",
"engine_name": "Cynet",
"engine_version": "4.0.3.4",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"GData": {
"method": "blacklist",
"engine_name": "GData",
"engine_version": "A:25.39749B:27.39129",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Kaspersky": {
"method": "blacklist",
"engine_name": "Kaspersky",
"engine_version": "22.0.1.28",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"BitDefender": {
"method": "blacklist",
"engine_name": "BitDefender",
"engine_version": "7.2",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"NANO-Antivirus": {
"method": "blacklist",
"engine_name": "NANO-Antivirus",
"engine_version": "1.0.146.25796",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"SUPERAntiSpyware": {
"method": "blacklist",
"engine_name": "SUPERAntiSpyware",
"engine_version": "5.6.0.1032",
"engine_update": "20250201",
"category": "undetected",
"result": null
},
"Tencent": {
"method": "blacklist",
"engine_name": "Tencent",
"engine_version": "1.0.0.1",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Emsisoft": {
"method": "blacklist",
"engine_name": "Emsisoft",
"engine_version": "2024.8.0.61147",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"F-Secure": {
"method": "blacklist",
"engine_name": "F-Secure",
"engine_version": "18.10.1547.307",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"DrWeb": {
"method": "blacklist",
"engine_name": "DrWeb",
"engine_version": "7.0.65.5230",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"VIPRE": {
"method": "blacklist",
"engine_name": "VIPRE",
"engine_version": "6.0.0.35",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"TrendMicro": {
"method": "blacklist",
"engine_name": "TrendMicro",
"engine_version": "11.0.0.1006",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"CMC": {
"method": "blacklist",
"engine_name": "CMC",
"engine_version": "2.4.2022.1",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Sophos": {
"method": "blacklist",
"engine_name": "Sophos",
"engine_version": "2.5.5.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"huorong": {
"method": "blacklist",
"engine_name": "huorong",
"engine_version": "7db1bd4:7db1bd4:2292584:2292584",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"FireEye": {
"method": "blacklist",
"engine_name": "FireEye",
"engine_version": "35.47.0.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Jiangmin": {
"method": "blacklist",
"engine_name": "Jiangmin",
"engine_version": "16.0.100",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Google": {
"method": "blacklist",
"engine_name": "Google",
"engine_version": "1738558825",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Avira": {
"method": "blacklist",
"engine_name": "Avira",
"engine_version": "8.3.3.20",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Antiy-AVL": {
"method": "blacklist",
"engine_name": "Antiy-AVL",
"engine_version": "3.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Kingsoft": {
"method": "blacklist",
"engine_name": "Kingsoft",
"engine_version": "None",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Gridinsoft": {
"method": "blacklist",
"engine_name": "Gridinsoft",
"engine_version": "1.0.206.174",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Xcitium": {
"method": "blacklist",
"engine_name": "Xcitium",
"engine_version": "37439",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Arcabit": {
"method": "blacklist",
"engine_name": "Arcabit",
"engine_version": "2022.0.0.18",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"ViRobot": {
"method": "blacklist",
"engine_name": "ViRobot",
"engine_version": "2014.3.20.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Microsoft": {
"method": "blacklist",
"engine_name": "Microsoft",
"engine_version": "1.1.24090.11",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Varist": {
"method": "blacklist",
"engine_name": "Varist",
"engine_version": "6.6.1.3",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"AhnLab-V3": {
"method": "blacklist",
"engine_name": "AhnLab-V3",
"engine_version": "3.27.0.10558",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Acronis": {
"method": "blacklist",
"engine_name": "Acronis",
"engine_version": "1.2.0.121",
"engine_update": "20240328",
"category": "undetected",
"result": null
},
"VBA32": {
"method": "blacklist",
"engine_name": "VBA32",
"engine_version": "5.3.1",
"engine_update": "20250131",
"category": "undetected",
"result": null
},
"ALYac": {
"method": "blacklist",
"engine_name": "ALYac",
"engine_version": "2.0.0.10",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"TACHYON": {
"method": "blacklist",
"engine_name": "TACHYON",
"engine_version": "2025-02-03.01",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Zoner": {
"method": "blacklist",
"engine_name": "Zoner",
"engine_version": "2.2.2.0",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Rising": {
"method": "blacklist",
"engine_name": "Rising",
"engine_version": "25.0.0.28",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"Yandex": {
"method": "blacklist",
"engine_name": "Yandex",
"engine_version": "5.5.2.24",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Ikarus": {
"method": "blacklist",
"engine_name": "Ikarus",
"engine_version": "6.3.30.0",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"MaxSecure": {
"method": "blacklist",
"engine_name": "MaxSecure",
"engine_version": "1.0.0.1",
"engine_update": "20250131",
"category": "undetected",
"result": null
},
"Fortinet": {
"method": "blacklist",
"engine_name": "Fortinet",
"engine_version": "None",
"engine_update": "20250203",
"category": "undetected",
"result": null
},
"AVG": {
"method": "blacklist",
"engine_name": "AVG",
"engine_version": "23.9.8494.0",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"Panda": {
"method": "blacklist",
"engine_name": "Panda",
"engine_version": "4.6.4.2",
"engine_update": "20250202",
"category": "undetected",
"result": null
},
"alibabacloud": {
"method": "blacklist",
"engine_name": "alibabacloud",
"engine_version": "2.2.0",
"engine_update": "20241030",
"category": "undetected",
"result": null
},
"Avast-Mobile": {
"method": "blacklist",
"engine_name": "Avast-Mobile",
"engine_version": "250202-00",
"engine_update": "20250202",
"category": "type-unsupported",
"result": null
},
"SymantecMobileInsight": {
"method": "blacklist",
"engine_name": "SymantecMobileInsight",
"engine_version": "2.0",
"engine_update": "20250124",
"category": "type-unsupported",
"result": null
},
"BitDefenderFalx": {
"method": "blacklist",
"engine_name": "BitDefenderFalx",
"engine_version": "2.0.936",
"engine_update": "20241203",
"category": "type-unsupported",
"result": null
},
"McAfeeD": {
"method": "blacklist",
"engine_name": "McAfeeD",
"engine_version": "1.2.0.7977",
"engine_update": "20250203",
"category": "type-unsupported",
"result": null
},
"DeepInstinct": {
"method": "blacklist",
"engine_name": "DeepInstinct",
"engine_version": "5.0.0.8",
"engine_update": "20250202",
"category": "type-unsupported",
"result": null
},
"Webroot": {
"method": "blacklist",
"engine_name": "Webroot",
"engine_version": "1.9.0.8",
"engine_update": "20240910",
"category": "type-unsupported",
"result": null
},
"APEX": {
"method": "blacklist",
"engine_name": "APEX",
"engine_version": "6.619",
"engine_update": "20250201",
"category": "type-unsupported",
"result": null
},
"Paloalto": {
"method": "blacklist",
"engine_name": "Paloalto",
"engine_version": "0.9.0.1003",
"engine_update": "20250203",
"category": "type-unsupported",
"result": null
},
"Alibaba": {
"method": "blacklist",
"engine_name": "Alibaba",
"engine_version": "0.3.0.5",
"engine_update": "20190527",
"category": "type-unsupported",
"result": null
},
"Trapmine": {
"method": "blacklist",
"engine_name": "Trapmine",
"engine_version": "4.0.3.0",
"engine_update": "20250113",
"category": "type-unsupported",
"result": null
},
"Cylance": {
"method": "blacklist",
"engine_name": "Cylance",
"engine_version": "3.0.0.0",
"engine_update": "20250109",
"category": "type-unsupported",
"result": null
},
"SentinelOne": {
"method": "blacklist",
"engine_name": "SentinelOne",
"engine_version": "25.1.1.1",
"engine_update": "20250114",
"category": "type-unsupported",
"result": null
},
"tehtris": {
"method": "blacklist",
"engine_name": "tehtris",
"engine_version": "v0.1.4",
"engine_update": "20250203",
"category": "type-unsupported",
"result": null
},
"Trustlook": {
"method": "blacklist",
"engine_name": "Trustlook",
"engine_version": "1.0",
"engine_update": "20250203",
"category": "type-unsupported",
"result": null
},
"Elastic": {
"method": "blacklist",
"engine_name": "Elastic",
"engine_version": "4.0.184",
"engine_update": "20250129",
"category": "type-unsupported",
"result": null
}
},
"tlsh": "T1194175E3894434A71B2640E135D8CA15322B091FDD494BD0F9FC81E62BC28CE91E0979",
"filecondis": {
"dhash": "f8a8e89cac4c0080",
"raw_md5": "98725b4e1d44e79477286e1b8f5a71c3"
},
"names": [
"temp.txt"
],
"type_tag": "python",
"magika": "TXT",
"ssdeep": "24:3JyHbMZqO7QBqb64ZqfF6bFSZqmfqn3oEH+EUHw+qCoN/VHsskFwsccf2okd8jSk:0M/MifzALfqn3oC+TQ1HkFJbzSEDYxm",
"last_analysis_date": 1738562484,
"meaningful_name": "temp.txt",
"size": 2254,
"type_tags": [
"source",
"python"
],
"sha256": "49e29cd7c390097a4befdd6bb8c2cc5afb1cb4716c1f5f81c37eabfc1e7c0d1a",
"last_analysis_stats": {
"malicious": 0,
"suspicious": 0,
"undetected": 61,
"harmless": 0,
"timeout": 0,
"confirmed-timeout": 0,
"failure": 0,
"type-unsupported": 15
},
"first_submission_date": 1738562484,
"type_description": "Python",
"reputation": 0
}
}
}
Analyze IP Address
Retrieves an IP address report
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | Name of the column in the parent table containing IP address to submit to VirusTotal. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: analysis details
{
"asn": 7922,
"undetected_urls": [
[
"http://cet-nat.comcastcntr.pa.bo.comcast.net/",
"2521651e23393ea13e2817a4afee4847b3d35f4d2df2b5917ca332294b5aafd2",
0,
70,
"2019-07-11 10:00:22"
]
],
"undetected_downloaded_samples": [],
"country": "US",
"response_code": 1,
"as_owner": "Comcast Cable Communications, LLC",
"detected_referrer_samples": [],
"verbose_msg": "IP address in dataset",
"detected_downloaded_samples": [],
"undetected_referrer_samples": [
{
"date": "2020-04-22 23:08:01",
"positives": 0,
"total": 75,
"sha256": "7206af0ae424df1f3eddf9198a38e24facfa3fb87fd0cff1d3991141efc1e7b7"
}
],
"detected_urls": [],
"resolutions": [
{
"last_resolved": "2019-07-11 10:03:20",
"hostname": "cet-nat.comcastcntr.pa.bo.comcast.net"
}
],
"error": null,
"has_error": false
}
Analyze URL
Analyze URL by VirusTotal
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Action Type | Select an action type. | Required |
| Column Name | Select the name of the column in the parent table containing the domain to submit to VirusTotal. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: analysis details
{
"exit_code": "0",
"result": {
"data": {
"id": "u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1738924348",
"type": "analysis",
"links": {
"self": "https://www.virustotal.com/api/v3/analyses/u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1738924348",
"item": "https://www.virustotal.com/api/v3/urls/dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf"
},
"attributes": {
"status": "completed",
"date": 1738924348,
"results": {
"Artists Against 419": {
"method": "blacklist",
"engine_name": "Artists Against 419",
"category": "harmless",
"result": "clean"
},
"Acronis": {
"method": "blacklist",
"engine_name": "Acronis",
"category": "harmless",
"result": "clean"
},
"Abusix": {
"method": "blacklist",
"engine_name": "Abusix",
"category": "harmless",
"result": "clean"
},
"ADMINUSLabs": {
"method": "blacklist",
"engine_name": "ADMINUSLabs",
"category": "harmless",
"result": "clean"
},
"Lionic": {
"method": "blacklist",
"engine_name": "Lionic",
"category": "harmless",
"result": "clean"
},
"Criminal IP": {
"method": "blacklist",
"engine_name": "Criminal IP",
"category": "harmless",
"result": "clean"
},
"AILabs (MONITORAPP)": {
"method": "blacklist",
"engine_name": "AILabs (MONITORAPP)",
"category": "harmless",
"result": "clean"
},
"AlienVault": {
"method": "blacklist",
"engine_name": "AlienVault",
"category": "harmless",
"result": "clean"
},
"alphaMountain.ai": {
"method": "blacklist",
"engine_name": "alphaMountain.ai",
"category": "harmless",
"result": "clean"
},
"AlphaSOC": {
"method": "blacklist",
"engine_name": "AlphaSOC",
"category": "undetected",
"result": "unrated"
},
"Antiy-AVL": {
"method": "blacklist",
"engine_name": "Antiy-AVL",
"category": "harmless",
"result": "clean"
},
"ArcSight Threat Intelligence": {
"method": "blacklist",
"engine_name": "ArcSight Threat Intelligence",
"category": "harmless",
"result": "clean"
},
"AutoShun": {
"method": "blacklist",
"engine_name": "AutoShun",
"category": "undetected",
"result": "unrated"
},
"Axur": {
"method": "blacklist",
"engine_name": "Axur",
"category": "undetected",
"result": "unrated"
},
"benkow.cc": {
"method": "blacklist",
"engine_name": "benkow.cc",
"category": "harmless",
"result": "clean"
},
"Bfore.Ai PreCrime": {
"method": "blacklist",
"engine_name": "Bfore.Ai PreCrime",
"category": "harmless",
"result": "clean"
},
"BitDefender": {
"method": "blacklist",
"engine_name": "BitDefender",
"category": "harmless",
"result": "clean"
},
"Bkav": {
"method": "blacklist",
"engine_name": "Bkav",
"category": "undetected",
"result": "unrated"
},
"BlockList": {
"method": "blacklist",
"engine_name": "BlockList",
"category": "harmless",
"result": "clean"
},
"Blueliv": {
"method": "blacklist",
"engine_name": "Blueliv",
"category": "harmless",
"result": "clean"
},
"Certego": {
"method": "blacklist",
"engine_name": "Certego",
"category": "harmless",
"result": "clean"
},
"Chong Lua Dao": {
"method": "blacklist",
"engine_name": "Chong Lua Dao",
"category": "harmless",
"result": "clean"
},
"CINS Army": {
"method": "blacklist",
"engine_name": "CINS Army",
"category": "harmless",
"result": "clean"
},
"Snort IP sample list": {
"method": "blacklist",
"engine_name": "Snort IP sample list",
"category": "harmless",
"result": "clean"
},
"Cluster25": {
"method": "blacklist",
"engine_name": "Cluster25",
"category": "undetected",
"result": "unrated"
},
"CMC Threat Intelligence": {
"method": "blacklist",
"engine_name": "CMC Threat Intelligence",
"category": "harmless",
"result": "clean"
},
"Xcitium Verdict Cloud": {
"method": "blacklist",
"engine_name": "Xcitium Verdict Cloud",
"category": "undetected",
"result": "unrated"
},
"CRDF": {
"method": "blacklist",
"engine_name": "CRDF",
"category": "harmless",
"result": "clean"
},
"CSIS Security Group": {
"method": "blacklist",
"engine_name": "CSIS Security Group",
"category": "undetected",
"result": "unrated"
},
"Cyan": {
"method": "blacklist",
"engine_name": "Cyan",
"category": "undetected",
"result": "unrated"
},
"Cyble": {
"method": "blacklist",
"engine_name": "Cyble",
"category": "harmless",
"result": "clean"
},
"CyRadar": {
"method": "blacklist",
"engine_name": "CyRadar",
"category": "harmless",
"result": "clean"
},
"desenmascara.me": {
"method": "blacklist",
"engine_name": "desenmascara.me",
"category": "harmless",
"result": "clean"
},
"DNS8": {
"method": "blacklist",
"engine_name": "DNS8",
"category": "harmless",
"result": "clean"
},
"Dr.Web": {
"method": "blacklist",
"engine_name": "Dr.Web",
"category": "harmless",
"result": "clean"
},
"Emsisoft": {
"method": "blacklist",
"engine_name": "Emsisoft",
"category": "harmless",
"result": "clean"
},
"Ermes": {
"method": "blacklist",
"engine_name": "Ermes",
"category": "undetected",
"result": "unrated"
},
"ESET": {
"method": "blacklist",
"engine_name": "ESET",
"category": "harmless",
"result": "clean"
},
"ESTsecurity": {
"method": "blacklist",
"engine_name": "ESTsecurity",
"category": "harmless",
"result": "clean"
},
"EmergingThreats": {
"method": "blacklist",
"engine_name": "EmergingThreats",
"category": "harmless",
"result": "clean"
},
"Feodo Tracker": {
"method": "blacklist",
"engine_name": "Feodo Tracker",
"category": "harmless",
"result": "clean"
},
"Fortinet": {
"method": "blacklist",
"engine_name": "Fortinet",
"category": "harmless",
"result": "clean"
},
"G-Data": {
"method": "blacklist",
"engine_name": "G- Data",
"category": "harmless",
"result": "clean"
},
"Google Safebrowsing": {
"method": "blacklist",
"engine_name": "Google Safebrowsing",
"category": "harmless",
"result": "clean"
},
"GCP Abuse Intelligence": {
"method": "blacklist",
"engine_name": "GCP Abuse Intelligence",
"category": "undetected",
"result": "unrated"
},
"GreenSnow": {
"method": "blacklist",
"engine_name": "GreenSnow",
"category": "harmless",
"result": "clean"
},
"Gridinsoft": {
"method": "blacklist",
"engine_name": "Gridinsoft",
"category": "undetected",
"result": "unrated"
},
"Heimdal Security": {
"method": "blacklist",
"engine_name": "Heimdal Security",
"category": "harmless",
"result": "clean"
},
"Hunt.io Intelligence": {
"method": "blacklist",
"engine_name": "Hunt.io Intelligence",
"category": "undetected",
"result": "unrated"
},
"IPsum": {
"method": "blacklist",
"engine_name": "IPsum",
"category": "harmless",
"result": "clean"
},
"Juniper Networks": {
"method": "blacklist",
"engine_name": "Juniper Networks",
"category": "harmless",
"result": "clean"
},
"Kaspersky": {
"method": "blacklist",
"engine_name": "Kaspersky",
"category": "harmless",
"result": "clean"
},
"Lumu": {
"method": "blacklist",
"engine_name": "Lumu",
"category": "undetected",
"result": "unrated"
},
"Malwared": {
"method": "blacklist",
"engine_name": "Malwared",
"category": "harmless",
"result": "clean"
},
"MalwareURL": {
"method": "blacklist",
"engine_name": "MalwareURL",
"category": "undetected",
"result": "unrated"
},
"MalwarePatrol": {
"method": "blacklist",
"engine_name": "MalwarePatrol",
"category": "harmless",
"result": "clean"
},
"malwares.com URL checker": {
"method": "blacklist",
"engine_name": "malwares.com URL checker",
"category": "harmless",
"result": "clean"
},
"Netcraft": {
"method": "blacklist",
"engine_name": "Netcraft",
"category": "undetected",
"result": "unrated"
},
"OpenPhish": {
"method": "blacklist",
"engine_name": "OpenPhish",
"category": "harmless",
"result": "clean"
},
"0xSI_f33d": {
"method": "blacklist",
"engine_name": "0xSI_f33d",
"category": "undetected",
"result": "unrated"
},
"Phishing Database": {
"method": "blacklist",
"engine_name": "Phishing Database",
"category": "harmless",
"result": "clean"
},
"PhishFort": {
"method": "blacklist",
"engine_name": "PhishFort",
"category": "undetected",
"result": "unrated"
},
"PhishLabs": {
"method": "blacklist",
"engine_name": "PhishLabs",
"category": "undetected",
"result": "unrated"
},
"Phishtank": {
"method": "blacklist",
"engine_name": "Phishtank",
"category": "harmless",
"result": "clean"
},
"PREBYTES": {
"method": "blacklist",
"engine_name": "PREBYTES",
"category": "harmless",
"result": "clean"
},
"PrecisionSec": {
"method": "blacklist",
"engine_name": "PrecisionSec",
"category": "undetected",
"result": "unrated"
},
"Quick Heal": {
"method": "blacklist",
"engine_name": "Quick Heal",
"category": "harmless",
"result": "clean"
},
"Quttera": {
"method": "blacklist",
"engine_name": "Quttera",
"category": "harmless",
"result": "clean"
},
"Rising": {
"method": "blacklist",
"engine_name": "Rising",
"category": "harmless",
"result": "clean"
},
"SafeToOpen": {
"method": "blacklist",
"engine_name": "SafeToOpen",
"category": "undetected",
"result": "unrated"
},
"Sangfor": {
"method": "blacklist",
"engine_name": "Sangfor",
"category": "harmless",
"result": "clean"
},
"Sansec eComscan": {
"method": "blacklist",
"engine_name": "Sansec eComscan",
"category": "undetected",
"result": "unrated"
},
"Scantitan": {
"method": "blacklist",
"engine_name": "Scantitan",
"category": "harmless",
"result": "clean"
},
"SCUMWARE.org": {
"method": "blacklist",
"engine_name": "SCUMWARE.org",
"category": "harmless",
"result": "clean"
},
"Seclookup": {
"method": "blacklist",
"engine_name": "Seclookup",
"category": "harmless",
"result": "clean"
},
"SOCRadar": {
"method": "blacklist",
"engine_name": "SOCRadar",
"category": "harmless",
"result": "clean"
},
"Sophos": {
"method": "blacklist",
"engine_name": "Sophos",
"category": "harmless",
"result": "clean"
},
"Spam404": {
"method": "blacklist",
"engine_name": "Spam404",
"category": "harmless",
"result": "clean"
},
"StopForumSpam": {
"method": "blacklist",
"engine_name": "StopForumSpam",
"category": "harmless",
"result": "clean"
},
"Sucuri SiteCheck": {
"method": "blacklist",
"engine_name": "Sucuri SiteCheck",
"category": "harmless",
"result": "clean"
},
"securolytics": {
"method": "blacklist",
"engine_name": "securolytics",
"category": "harmless",
"result": "clean"
},
"Threatsourcing": {
"method": "blacklist",
"engine_name": "Threatsourcing",
"category": "harmless",
"result": "clean"
},
"ThreatHive": {
"method": "blacklist",
"engine_name": "ThreatHive",
"category": "harmless",
"result": "clean"
},
"Trustwave": {
"method": "blacklist",
"engine_name": "Trustwave",
"category": "harmless",
"result": "clean"
},
"Underworld": {
"method": "blacklist",
"engine_name": "Underworld",
"category": "undetected",
"result": "unrated"
},
"URLhaus": {
"method": "blacklist",
"engine_name": "URLhaus",
"category": "harmless",
"result": "clean"
},
"URLQuery": {
"method": "blacklist",
"engine_name": "URLQuery",
"category": "harmless",
"result": "clean"
},
"Viettel Threat Intelligence": {
"method": "blacklist",
"engine_name": "Viettel Threat Intelligence",
"category": "harmless",
"result": "clean"
},
"VIPRE": {
"method": "blacklist",
"engine_name": "VIPRE",
"category": "undetected",
"result": "unrated"
},
"ViriBack": {
"method": "blacklist",
"engine_name": "ViriBack",
"category": "harmless",
"result": "clean"
},
"VX Vault": {
"method": "blacklist",
"engine_name": "VX Vault",
"category": "harmless",
"result ": "clean"
},
"Webroot": {
"method": "blacklist",
"engine_name": "Webroot",
"category": "harmless",
"result": "clean"
},
"Forcepoint ThreatSeeker": {
"method": "blacklist",
"engine_name": "Forcepoint ThreatSeeker",
"category": "harmless",
"result": "clean"
},
"Yandex Safebrowsing": {
"method": "blacklist",
"engine_name": "Yandex Safebrowsing",
"category": "harmless",
"result": "clean"
},
"ZeroCERT": {
"method": "blacklist",
"engine_name": "ZeroCERT",
"category": "harmless",
"result": "clean"
},
"ZeroFox": {
"method": "blacklist",
"engine_name": "ZeroFox",
"category": "undetected",
"result": "unrated"
}
},
"stats": {
"malicious": 0,
"suspicious": 0,
"undetected": 24,
"harmless": 72,
"timeout": 0
}
}
},
"meta": {
"url_info": {
"id": "dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf",
"url": "http://www.google.com/"
},
"file_info": {
"sha256": "f7e4aae30ab2bda60bead5fd5a29a36685d768df007d3399d3047768babae200"
}
},
"error": null,
"has_error": false
},
"stdout": "",
"stderr": "",
"md5_of_file": "cdecd218aa40170be28946d549f0dbe8",
"URL": "www.google.com",
"domain": "google.com",
"url_analysis_id": "u-dd014af5ed6b38d9130e3f466f850e46d21b951199d53a18ef29ee9341614eaf-1738835692",
"ip": "8.8.8.8"
}
Analyze File
Analyze File by VirusTotal
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Action Type | Select an action type. | Required |
| Column Name | Jinja templated text containing either File ID to submit for scan or analysis ID of already submitted file to get report. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: analysis details
{
"exit_code": "0",
"result": {
"data": {
"type": "analysis",
"id": "MjkzN2Q0OTg3NzU3NTU2Y2E2Mzg2NzI0ZDEzY2QyOWI6MTczOTI2NTE2Mw==",
"links": {
"self": "https://www.virustotal.com/api/v3/analyses/MjkzN2Q0OTg3NzU3NTU2Y2E2Mzg2NzI0ZDEzY2QyOWI6MTczOTI2NTE2Mw=="
}
},
"error": null,
"has_error": false
},
"stdout": "",
"stderr": "",
"fileId": "7e3f03ee0ca5493cb65a95d3fae8468a"
}```
## Intelligence Search
Search for files (the action is data-heavy, so please try to reduce the limit or increase action timeout in case of timeout error).
### Input
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Argument Name | Description | Required |
| :------------ | :----------------------------------------------------------------------------------------- | :------- |
| Search Query | [Jinja-Templated](doc:jinja-template) text containing the Search Query. Example: {{query}} | Required |
| Limit | Number of results to return (Default is 100000) | Optional |
### Output
A JSON object containing multiple rows of result.
```json
{
"attributes": {
"creation_date": 51351,
"downloadable": true,
"exiftool": {
"Trapped": "False",
},
"first_submission_date": 1638251100,
"last_analysis_date": 1638257416,
"last_analysis_results": "some_object",
"last_modification_date": 1638258704,
"last_submission_date": 1638257416,
"magic": "PDF document, version 1.7",
"md5": "md5_hash",
"meaningful_name": "/tmp/meaning.tmp",
"names": "name_array",
"pdf_info": "info_object",
"reputation": 0,
"sha1": "sha1_example",
"sha256": "sha256_example",
"size": 2303072,
"ssdeep": "example",
"tags": [
"pdf",
"autoaction"
],
"times_submitted": 2,
"tlsh": "some_text",
"total_votes": {
"harmless": 0,
"malicious": 0
},
"links": {
"self": "https://www.virustotal.com/api/v3/files/sample_id"
},
"has_error": false,
"id": "sample_id",
"error": null,
"type": "file"
}
Additional Information
- If you face a timeout error please increase the Action Timeout (Default is 360 seconds).
File Behavior Reports
Get all behavioural information from each sandbox about the file.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| File Hash | Jinja-templated text containing the File Hash | Required |
Output
JSON containing the following items:
{
"data": [
{
"attributes": {
"verdicts": [
"UNKNOWN_VERDICT"
],
"has_pcap": false,
"analysis_date": 1669409515,
"processes_tree": [
{
"process_id": "2248",
"name": "%windir%\\System32\\svchost.exe -k WerSvcGroup"
},
{
"process_id": "2940",
"name": "wmiadap.exe /F /T /R"
},
{
"process_id": "2988",
"name": "%windir%\\system32\\wbem\\wmiprvse.exe"
},
{
"process_id": "2676",
"name": "%SAMPLEPATH%"
}
],
"sandbox_name": "C2AE",
"has_html_report": false,
"processes_terminated": [
"%windir%\\System32\\svchost.exe -k WerSvcGroup",
"wmiadap.exe /F /T /R"
],
"behash": "7eb58e30b74038daa9b31b5d9df78cf2",
"has_evtx": false,
"last_modification_date": 1669495931,
"has_memdump": false
},
"type": "file_behaviour",
"id": "hash",
"links": {
"self": "https://www.virustotal.com/api/v3/file_behaviours/{hash}}"
}
},
],
"links": {
"self": "https://www.virustotal.com/api/v3/files/{hash}/behaviours?limit=10"
}
}
Summarise File Behavior Reports
Get a summary with behavioural information about the file. The summary consists in merging together the reports produced by the multiple sandboxes we have integrated in VirusTotal.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| File Hash | Jinja-templated text containing the File Hash | Required |
Output
JSON containing the following items:
{
"data": {
"calls_highlighted": [
"GetTickCount"
],
"files_opened": [
"C:\\WINDOWS\\system32\\winime32.dll",
"C:\\WINDOWS\\system32\\lpk.dll",
"C:\\WINDOWS\\system32\\usp10.dll",
"C:\\WINDOWS\\WinSxS\\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\\comctl32.dll",
"C:\\WINDOWS\\system32\\winmm.dll",
"C:\\WINDOWS\\system32\\winspool.drv",
"C:\\WINDOWS\\WindowsShell.Manifest",
],
"modules_loaded": [
"comctl32.dll",
"C:\\WINDOWS\\system32\\ws2_32.dll",
"version.dll",
"USER32.dll",
"IMM32.dll",
"C:\\WINDOWS\\system32\\user32.dll"
],
"mutexes_created": [
"CTF.LBES.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500",
"CTF.Compart.MutexDefaultS-1-5-21-1482476501-1645522239-1417001333-500",
"CTF.TimListCache.FMPDefaultS-1-5-21-1482476501-1645522239-1417001333-500MUTEX.DefaultS-1-5-21-1482476501-1645522239-1417001333-500",
"MSCTF.Shared.MUTEX.EBH"
],
"mutexes_opened": [
"ShimCacheMutex"
],
"processes_terminated": [
"C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\EB93A6\\996E.exe"
],
"processes_tree": [
{
"name": "****.exe",
"process_id": "1036"
},
{
"name": "9f9e74241d59eccfe7040bfdcbbceacb374eda397cc53a4197b59e4f6f380a91.exe",
"process_id": "2340"
}
],
"registry_keys_opened": [
"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\996E.exe",
"\\REGISTRY\\MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers\\TransparentEnabled",
"\\REGISTRY\\USER\\S-1-5-21-1482476501-1645522239-1417001333-500\\Software\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers",
"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\COMCTL32.dll",
"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\SHELL32.dll",
"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Drivers32\\wave5"
],
"tags": [
"DIRECT_CPU_CLOCK_ACCESS",
"RUNTIME_MODULES"
],
"text_highlighted": [
"&Open",
"&Cancel",
"&About",
"Cate&gory:",
"Host &Name (or IP address)",
"&Port",
"22",
"Connection type:",
"Ra&w",
"&Telnet",
"Rlog&in"
]
}
}
Release Notes
v1.0.2- Introduction of Virus Total v2 integration to integrate viruTotal v3 APIs
Updated 9 days ago