Skip to content




MalwareBazaar is a project operated by The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats.

The analyzer comes in a single flavour that takes as input an hash and enrich it with additional intelligence .


You need a valid MalwareBazaar API subscription to use the analyzer.

  • Provide your API key as values for the key parameter.


Author: Andrea Garavaglia, Davide Arcuri - LDO-CERT
License: AGPL-V3
Version: 1.0
Supported observables types:
- hash
Registration required: True
Subscription required: True
Free subscription: True
Third party service:


Search hashes on MalwareBazaar.


api_key MalwareBazaar api key
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True

Templates samples for TheHive#

MalwareBazaar: long report

Last update: November 15, 2021 06:39:12