IRP Playbooks

Virustotal

Analyze suspicious files and URLs to detect types of malware


Last updated 4 years ago

Inputs

  • SHA256 Input

Outputs

  • Filename

  • Malicious (Num)

  • Undetected (Num)

Analysis Stats (Object)

{
    "confirmed-timeout": 0,
    "failure": 0,
    "harmless": 0,
    "malicious": 0,
    "suspicious": 0,
    "timeout": 0,
    "type-unsupported": 15,
    "undetected": 60
}

Results (HR)

Filename: standalone-framework.js
Generator: Microsoft Corporation
Organization: Microsoft Corporation
Malicious: 0
Undetected: 60
Unsupported: undefined
Suspicious: 0
Meaningful Name: standalone-framework.js
First Submission Date: Thu Mar 05 2009 12:45:38 GMT+0000 (Coordinated Universal Time)
Last Analisys Date: Tue Sep 29 2020 11:40:37 GMT+0000 (Coordinated Universal Time)
Reputation: -539
Tags: nsrl,attachment,trusted,via-tor
Times Submitted: 12416
Unique Sources: 967
SSDeep: 3:v:v
Magic: very short file (no magic)
MD5: 68b329da9893e34099c7d8ad5cb9c940
SHA1: adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
SHA256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
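An added example (not part of the IRP Playbooks product or its documentation) of how a later playbook step could consume these outputs. In the sample above the object reports "type-unsupported": 15 while the HR text shows "Unsupported: undefined", so the example reads every count from the Analysis Stats object by its exact key name. The function name triageVerdict, its labels and the coverage figure are assumptions made for illustration.

```javascript
// Added example: consume the Virustotal component's outputs in a later step.
// triageVerdict and its labels are hypothetical, not part of the IRP product.
const SHA256_RE = /^[0-9a-f]{64}$/i;

// Keys exactly as they appear in the Analysis Stats object on this page.
const STAT_KEYS = [
  "confirmed-timeout", "failure", "harmless", "malicious",
  "suspicious", "timeout", "type-unsupported", "undetected",
];

function triageVerdict(sha256, stats) {
  if (typeof sha256 !== "string" || !SHA256_RE.test(sha256)) {
    throw new TypeError("SHA256 Input must be 64 hex characters");
  }
  // Hyphenated keys need bracket access; a missing or malformed count becomes 0.
  const n = {};
  for (const key of STAT_KEYS) {
    const value = stats == null ? undefined : stats[key];
    n[key] = Number.isInteger(value) && value >= 0 ? value : 0;
  }
  // Engines that returned a verdict versus engines that returned nothing usable.
  const scanned = n.harmless + n.malicious + n.suspicious + n.undetected;
  const noResult = n["type-unsupported"] + n.timeout +
    n["confirmed-timeout"] + n.failure;
  const total = scanned + noResult;

  let label;
  if (n.malicious > 0) label = "malicious";
  else if (n.suspicious > 0) label = "suspicious";
  else if (scanned === 0) label = "no-data";
  else label = "no-detections"; // absence of detections, not proof of safety

  return {
    sha256: sha256.toLowerCase(),
    label,
    malicious: n.malicious,
    undetected: n.undetected,
    unsupported: n["type-unsupported"],
    coverage: total === 0 ? 0 : scanned / total,
  };
}

// Sample values copied from the Analysis Stats object shown on this page.
const sample = { "confirmed-timeout": 0, failure: 0, harmless: 0, malicious: 0,
  suspicious: 0, timeout: 0, "type-unsupported": 15, undetected: 60 };
console.log(triageVerdict(
  "01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b", sample));
```

A "no-detections" label with coverage below 1 means some engines could not process the file, which is worth surfacing in an incident note before the hash is treated as benign.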