Virusshare#
README
VirusShare#
VirusShare is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code.
The analyzer enables local searching for md5 hashes in Virusshare.com hash list.
Requirements#
- Download the VirusShare hashlists. For convenience the
getHashes.shscript is provided - In the analyzer parameters configure the
pathof downloaded hashlists folder.
Virusshare#
Author: Nils Kuhnert, CERT-Bund
License: AGPL-V3
Version: 2.0
Supported observables types:
- hash
- file
Registration required: False
Subscription required: False
Free subscription: False
Third party service: https://virusshare.com/
Description#
Search for MD5 hashes in Virusshare.com hash list
Configuration#
| path | Define the path to the stored data |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
