Virustotal

From aldeid
DRAFT
This page is still a draft. Thank you for your understanding.

Description

INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Usage

Submit a file


Submit a URL


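Python submission script

Here is a short Python script I have written to automate the submission of infected files to VirusTotal. All you have to do is replace the apikey with yours! The script passes its command-line argument as the resource parameter of the file/report request, so it is run with a file hash, as in the example further down.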

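$ cat virustotal.py
#!/usr/bin/env python3
# Query the VirusTotal file/report endpoint for a resource (e.g. a file hash)
# and print every engine that flags it.
import json
import sys
import urllib.parse
import urllib.request

if len(sys.argv) != 2:
    print("Usage: ./virustotal.py file")
    sys.exit(1)

url = "https://www.virustotal.com/vtapi/v2/file/report"
# Replace the apikey value with your own key.
parameters = {"resource": sys.argv[1],
              "apikey": "a1b2c3d4e5f6g7h8i9g0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6"}
# urlopen() needs the form-encoded body as bytes; passing data makes it a POST.
data = urllib.parse.urlencode(parameters).encode("ascii")
req = urllib.request.Request(url, data)
with urllib.request.urlopen(req) as response:
    body = response.read()

response_dict = json.loads(body)
print("Detection:\t%s/%s" % (response_dict.get('positives'), response_dict.get('total')))
# List only the engines that report a detection, with the name they assign.
for k, v in response_dict.get("scans", {}).items():
    if v.get('detected'):
        print('{:<25} {:<30}'.format(k, v.get('result')))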

Here is an example:

$ ./virustotal.py eb5199dfe75871f260433af9b96bd165
Detection:	42/44
MicroWorld-eScan          Trojan.Waledac.Gen.1          
nProtect                  Trojan/W32.Small.25088.Q      
CAT-QuickHeal             Trojan.Small.bte              
McAfee                    W32/Waledac.gen.b             
K7AntiVirus               Virus                         
TheHacker                 Trojan/Small.bte              
NANO-Antivirus            Trojan.Win32.Small.syuu       
F-Prot                    W32/Waledac.3!Generic         
Symantec                  Trojan Horse                  
Norman                    Waledac.M                     
TotalDefense              Win32/Waledac.BW              
TrendMicro-HouseCall      TSPY_ZBOT.SMR                 
Avast                     Win32:Walpak [Cryp]           
eSafe                     Win32.Banker                  
ClamAV                    Trojan.Small-8676             
Kaspersky                 Trojan.Win32.Small.bte        
BitDefender               Trojan.Waledac.Gen.1          
Agnitum                   Trojan.Waledac.Gen!Pac.4      
Emsisoft                  Trojan.Waledac.Gen.1 (B)      
Comodo                    EmailWorm.Win32.Iksmas.~PKC   
F-Secure                  Packed:W32/Waledac.gen!C      
DrWeb                     Trojan.Botnetlog.1            
VIPRE                     Trojan.Win32.Small.bte        
AntiVir                   Worm/Waledac.F                
TrendMicro                TSPY_ZBOT.SMR                 
McAfee-GW-Edition         W32/Waledac.gen.b             
Sophos                    Mal/WaledPak-A                
Jiangmin                  Trojan/Small.giw              
Antiy-AVL                 Trojan/Win32.Small.gen        
Kingsoft                  Win32.Troj.Small.(kcloud)     
Microsoft                 TrojanDownloader:Win32/Bredolab.B
ViRobot                   Trojan.Win32.Small.25088.G    
GData                     Trojan.Waledac.Gen.1          
Commtouch                 W32/Waledac.3!Generic         
ESET-NOD32                Win32/TrojanDownloader.Small.OJX
VBA32                     Malware-Cryptor.Win32.Kmet    
PCTools                   Trojan.Generic                
Rising                    Trojan.Spy.Win32.Agent.epj    
Ikarus                    Email-Worm.Win32.Iksmas       
Fortinet                  W32/Waledac.fam!worm          
AVG                       Injector.CD                   
Panda                     Trj/Genetic.gen
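
The script above prints "None/None" when VirusTotal has no report for the hash. The following is an added example, not part of the original script: it hashes a file locally so that only the hash is sent, and handles the responses that carry no report. The function names and sample data are constructed for illustration; the response_code values (1, 0, -2) and the empty HTTP 204 reply are taken from the public v2 API documentation, not from this page.

```python
import hashlib
import json

def file_sha256(path, chunk_size=65536):
    """Hash a local file so its report can be requested by hash."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def summarize(body):
    """Map a file/report response body to (status, ratio, detections)."""
    if not body:  # empty body, e.g. HTTP 204 when the request quota is exceeded
        return ("no-data", None, [])
    report = json.loads(body)
    code = report.get("response_code")
    if code != 1:  # 0: resource unknown, -2: still queued for analysis
        status = {0: "unknown", -2: "queued"}.get(code, "error")
        return (status, None, [])
    hits = sorted(
        (engine, scan.get("result") or "")
        for engine, scan in report.get("scans", {}).items()
        if scan.get("detected")
    )
    ratio = "%s/%s" % (report.get("positives"), report.get("total"))
    return ("found", ratio, hits)

# Constructed sample responses (not real API output).
SAMPLE_FOUND = json.dumps({
    "response_code": 1, "positives": 2, "total": 3,
    "scans": {
        "Sophos": {"detected": True, "result": "Mal/WaledPak-A"},
        "ClamAV": {"detected": True, "result": "Trojan.Small-8676"},
        "ExampleAV": {"detected": False, "result": None},
    },
})
SAMPLE_UNKNOWN = json.dumps({"response_code": 0})

if __name__ == "__main__":
    for sample in (SAMPLE_FOUND, SAMPLE_UNKNOWN, ""):
        status, ratio, hits = summarize(sample)
        print(status, ratio)
        for engine, result in hits:
            print("{:<25} {:<30}".format(engine, result))
```

The value returned by file_sha256() can be passed as the script's argument in place of the MD5 used in the example run.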