Virustotal
Jump to navigation
Jump to search
DRAFT
This page is still a draft. Thank you for your understanding.
Description
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
Usage
Submit a file
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
Submit a URL
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
python submission script
Here is a short python script I have written to automatize the submission of infected files to virustotal. All you have to do is to replace the apikey with yours!
$ cat virustotal.py #!/usr/bin/env python import simplejson import urllib import urllib2 import sys if len(sys.argv)!=2: print "Usage: ./virustotal.py file" sys.exit() url = "https://www.virustotal.com/vtapi/v2/file/report" parameters = {"resource": sys.argv[1], "apikey": "a1b2c3d4e5f6g7h8i9g0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6"} data = urllib.urlencode(parameters) req = urllib2.Request(url, data) response = urllib2.urlopen(req) json = response.read() response_dict = simplejson.loads(json) print "Detection:\t%s/%s" % (response_dict.get('positives'), response_dict.get('total')) for k, v in response_dict.get("scans", {}).iteritems(): if v.get('detected'): print '{:<25} {:<30}'.format(k, v.get('result'))
Here is an example:
$ ./virustotal.py eb5199dfe75871f260433af9b96bd165 Detection: 42/44 MicroWorld-eScan Trojan.Waledac.Gen.1 nProtect Trojan/W32.Small.25088.Q CAT-QuickHeal Trojan.Small.bte McAfee W32/Waledac.gen.b K7AntiVirus Virus TheHacker Trojan/Small.bte NANO-Antivirus Trojan.Win32.Small.syuu F-Prot W32/Waledac.3!Generic Symantec Trojan Horse Norman Waledac.M TotalDefense Win32/Waledac.BW TrendMicro-HouseCall TSPY_ZBOT.SMR Avast Win32:Walpak [Cryp] eSafe Win32.Banker ClamAV Trojan.Small-8676 Kaspersky Trojan.Win32.Small.bte BitDefender Trojan.Waledac.Gen.1 Agnitum Trojan.Waledac.Gen!Pac.4 Emsisoft Trojan.Waledac.Gen.1 (B) Comodo EmailWorm.Win32.Iksmas.~PKC F-Secure Packed:W32/Waledac.gen!C DrWeb Trojan.Botnetlog.1 VIPRE Trojan.Win32.Small.bte AntiVir Worm/Waledac.F TrendMicro TSPY_ZBOT.SMR McAfee-GW-Edition W32/Waledac.gen.b Sophos Mal/WaledPak-A Jiangmin Trojan/Small.giw Antiy-AVL Trojan/Win32.Small.gen Kingsoft Win32.Troj.Small.(kcloud) Microsoft TrojanDownloader:Win32/Bredolab.B ViRobot Trojan.Win32.Small.25088.G GData Trojan.Waledac.Gen.1 Commtouch W32/Waledac.3!Generic ESET-NOD32 Win32/TrojanDownloader.Small.OJX VBA32 Malware-Cryptor.Win32.Kmet PCTools Trojan.Generic Rising Trojan.Spy.Win32.Agent.epj Ikarus Email-Worm.Win32.Iksmas Fortinet W32/Waledac.fam!worm AVG Injector.CD Panda Trj/Genetic.gen