malwaredb-virustotal 0.0.7

Logic and datatypes for interacting with VirusTotal

MalwareDB VirusTotal Client


This is logic for interacting with VirusTotal's V3 API. At present, only the following actions are supported:

  • Fetch file report: this gets the anti-virus scan data for a given sample, and there are examples in the testdata/ directory.
  • Request re-scan: ask VirusTotal to run a given sample through their collection of anti-virus applications and analysis tools.
  • Submit a sample: send a sample to VirusTotal for analysis.
  • Download a sample: download the original sample from VirusTotal (not fully tested, requires VirusTotal Premium).
  • Search: find the hashes of files which match some search criteria (not fully tested, requires VirusTotal Premium, uses older V2 API). See VirusTotal's documentation for more information.

The file report object and error types can be useful when interacting with VirusTotal using another crate or using VT's API directly; you don't have to use the client object in this crate to use the data (and error) types in this crate.

VirusTotal supports these actions given an MD5, SHA-1, or SHA-256 hash.

Additionally, this crate provides a client application for the supported operations above: submitting a file, retrieving a report, requesting re-analysis, and downloading a sample (requires Premium).
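
The hash-keyed actions above (file report, re-scan, download) each place the hash in a V3 request path, so a caller benefits from rejecting anything that is not a well-formed MD5, SHA-1, or SHA-256 digest before a request is built. The following is an added, std-only example and is not this crate's API: `classify`, `request_for`, and the enum names are hypothetical, and the paths are assumed to be VirusTotal's public V3 `files` endpoints.

```rust
// Added example: std-only, not the malwaredb-virustotal API. All names are hypothetical.
#[derive(Debug, PartialEq, Clone, Copy)]
pub enum HashKind { Md5, Sha1, Sha256 }

#[derive(Debug, PartialEq, Clone, Copy)]
pub enum Action { Report, Rescan, Download }

#[derive(Debug, PartialEq)]
pub enum HashError { BadLength(usize), NonHex(char) }

const BASE: &str = "https://www.virustotal.com/api/v3/files";

/// Accept only hex strings whose length matches MD5, SHA-1 or SHA-256,
/// returning the kind and a lower-cased copy safe to place in a URL path.
pub fn classify(input: &str) -> Result<(HashKind, String), HashError> {
    let h = input.trim();
    if let Some(c) = h.chars().find(|c| !c.is_ascii_hexdigit()) {
        return Err(HashError::NonHex(c));
    }
    let kind = match h.len() {
        32 => HashKind::Md5,
        40 => HashKind::Sha1,
        64 => HashKind::Sha256,
        n => return Err(HashError::BadLength(n)),
    };
    Ok((kind, h.to_ascii_lowercase()))
}

/// HTTP method and URL for a hash-keyed action (assumed V3 paths).
pub fn request_for(action: Action, input: &str) -> Result<(&'static str, String), HashError> {
    let (_, hash) = classify(input)?;
    Ok(match action {
        Action::Report => ("GET", format!("{}/{}", BASE, hash)),
        Action::Rescan => ("POST", format!("{}/{}/analyse", BASE, hash)),
        Action::Download => ("GET", format!("{}/{}/download", BASE, hash)),
    })
}

fn main() {
    // Constructed sample: MD5 of the empty string, upper-cased.
    let md5 = "D41D8CD98F00B204E9800998ECF8427E";
    println!("{:?}", classify(md5));
    println!("{:?}", request_for(Action::Rescan, md5));
    // A path-like value is rejected before any request is built.
    println!("{:?}", request_for(Action::Report, "../users/me"));
}
```

Rejecting malformed input locally also avoids spending API quota on requests that can only fail.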