Skip to content

Hashdd#

README

Hashdd#

Hashdd search engine for file hashes which automatically queries 3rd party services like VirusTotal and enriches the information provided based on the 3rd party data.

The analyzer includes two flavors: Status and Detail. The first one is used to query hashdd without an API key for the threat level only. The latter produces additional meta information about the sample, but requires an API key.

Requirements#

A valid Hashdd API is necessary just for detail flavour, for status can still be added.

  • Provide your API key as values for the key parameter.

Hashdd_Detail#

Author: iosonogio, dadokkio
License: AGPLv3
Version: 2.0
Supported observables types:
- hash
Registration required: False
Subscription required: False
Free subscription: True
Third party service: https://www.hashdd.com/

Description#

Determine whether a hash is good or bad; if good then list what it is.

Configuration#

api_key API key for hashdd
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True

Templates samples for TheHive#

Hashdd: long report

Hashdd_Status#

Author: iosonogio, dadokkio
License: AGPLv3
Version: 2.0
Supported observables types:
- hash
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Determine whether a hash is good or bad.

Configuration#

api_key API key for hashdd
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required False

Templates samples for TheHive#

No template samples to display.