VirusTotal - Private API Deprecated
Deprecated. Use "VirusTotal (API v3)" or "VirusTotal - Premium (API v3)" integrations instead.
Data Enrichment & Threat Intelligence · VirusTotal - Private API (Deprecated)
Configuration parameters
APIKey— Virus Total private API key (required)useProxy— Use system proxy settingsinsecure— Trust any certificate (not secure)fileThreshold— File Threshold. Minimum number of positive results from VT scanners to consider the file malicious.ipThreshold— IP Threshold. Minimum number of positive results from VT scanners to consider the IP malicious.urlThreshold— URL Threshold. Minimum number of positive results from VT scanners to consider the URL malicious.domainThreshold— Domain Threshold. Minimum number of positive results from VT scanners to consider the domain malicious.preferredVendors— Preferred Vendors List. List of vendors which are considered more trustworthy, comma separated.preferredVendorsThreshold— Preferred Vendor Threshold. The minimal number of highly trusted vendors needed to consider a domain, IP, URL or file as malicious.fullResponseGlobal— Determines whether to return all results, which can number in the thousands. If "true", returns all results and overrides the _fullResponse_ argument (if set to "false") in a command. If "false", the fullResponse argument in the command determines how results are returned.
Commands (8)
-
vt-private-check-file-behaviourVirusTotal runs a distributed setup of Cuckoo sandbox machines that execute the files we receive. This API allows you to retrieve the full JSON report of the file's execution as returned by the Cuckoo JSON report encoder.
-
vt-private-download-fileDownloads a file from VirusTotal's store given one of its hashes. This call can be used in conjuction with the file searching call in order to download samples that match a given set of criteria.
-
vt-private-get-domain-reportRetrieves a report on a given domain (including the information recorded by VirusTotal's passive DNS infrastructure). If the domain doesn't exist in VT's dataset you would need to use Virus Total's (Public API integration) url-scan command
-
vt-private-get-file-reportRetrieves a concluded file scan report for a given file.
-
vt-private-get-ip-reportRetrieves a report on a given IP address (including the information recorded by VirusTotal's Passive DNS infrastructure).
-
vt-private-get-url-reportRetrieves a concluded url scan report for a given url.
-
vt-private-hash-communicationReturn all Domains, IPs, URLs that a given hash of malware communicates with
-
vt-private-search-fileThis command is equivalent to VirusTotal Intelligence advanced searches. A very wide variety of search modifiers are available, including: file size, file type, first submission date to VirusTotal, last submission date to VirusTotal, number of positives, dynamic behavioural properties, binary content, submission file name, and a very long etcetera. The full list of search modifiers allowed for file search queries is documented at: https://www.virustotal.com/intelligence/help/file-search/#search-modifiers