Skip to content

MalwareBazaar#

README

MalwareBazaar#

MalwareBazaar is a project operated by abuse.ch. The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats.

The analyzer comes in a single flavour that takes as input an hash and enrich it with additional intelligence .

Requirements#

You need a valid MalwareBazaar API subscription to use the analyzer.

  • Provide your API key as values for the key parameter.

MalwareBazaar#

Author: Andrea Garavaglia, Davide Arcuri - LDO-CERT
License: AGPL-V3
Version: 1.0
Supported observables types:
- hash
Registration required: True
Subscription required: True
Free subscription: True
Third party service: https://bazaar.abuse.ch/

Description#

Search hashes on MalwareBazaar.

Configuration#

api_key MalwareBazaar api key
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True

Templates samples for TheHive#

MalwareBazaar: long report


Last update: November 15, 2021 06:39:12