Hashdd#
README
Hashdd#
Hashdd search engine for file hashes which automatically queries 3rd party services like VirusTotal and enriches the information provided based on the 3rd party data.
The analyzer includes two flavors: Status and Detail. The first one is used to query hashdd without an API key for the threat level only. The latter produces additional meta information about the sample, but requires an API key.
Requirements#
A valid Hashdd API is necessary just for detail flavour, for status can still be added.
- Provide your API key as values for the
key
parameter.
Hashdd_Status#
Author: iosonogio, dadokkio
License: AGPLv3
Version: 2.0
Supported observables types:
- hash
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description#
Determine whether a hash is good or bad.
Configuration#
api_key | API key for hashdd |
---|---|
Default value if not configured | N/A |
Type of the configuration item | string |
The configuration item can contain multiple values | False |
Is required | False |
Templates samples for TheHive#
No template samples to display.
Hashdd_Detail#
Author: iosonogio, dadokkio
License: AGPLv3
Version: 2.0
Supported observables types:
- hash
Registration required: False
Subscription required: False
Free subscription: True
Third party service: https://www.hashdd.com/
Description#
Determine whether a hash is good or bad; if good then list what it is.
Configuration#
api_key | API key for hashdd |
---|---|
Default value if not configured | N/A |
Type of the configuration item | string |
The configuration item can contain multiple values | False |
Is required | True |