
MalwareBazaar

README

MalwareBazaar

MalwareBazaar is a project operated by abuse.ch. The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protect their constituencies and customers from cyber threats.

The analyzer comes in a single flavour that takes a hash as input and enriches it with additional intelligence.

Requirements

You need a valid MalwareBazaar API subscription to use the analyzer.

  • Provide your API key as the value of the key parameter.

MalwareBazaar

Author: Andrea Garavaglia, Davide Arcuri - LDO-CERT
License: AGPL-V3
Version: 1.0
Supported observable types:
- hash
Registration required: True
Subscription required: True
Free subscription: True
Third party service: https://bazaar.abuse.ch/

Description

Search hashes on MalwareBazaar.

Configuration

api_key: MalwareBazaar API key
Default value if not configured: N/A
Type of the configuration item: string
The configuration item can contain multiple values: False
Is required: True

Template samples for TheHive

MalwareBazaar: long report