VirusTotal

VirusTotal provides a system for deploying YARA rules to hunt for files among the ones submitted for scanning. This can produce a large number of notifications. The VirusTotal Hunting integration provides a process and automation for paring this flow of notifications down to ones that are of highest confidence and priority. The malware samples that are most important are automatically downloaded and made available in the ThreatConnect malware vault for further analysis. It can optionally tag samples for analysis by any of the automated malware system integrations available in ThreatConnect. With Playbooks Apps & Templates, users can take the following automated actions

Detonate with VirusTotal – this app sends a file to VirusTotal for analysis
Get VirusTotal Behavior Report – this app gets file behavior report results from VirusTotal
Get VirusTotal File Report – this app gets file report results from VirusTotal

This app can be found in the ThreatConnect App Catalog under VirusTotal.

Categories:

ThreatConnect

VirusTotal

Developers

Company

Related Resources

Categories:

ThreatConnect

VirusTotal

Related Apps

Cisco Umbrella Reporting

Data Enrichment

DomainTools Iris Search Hash Monitoring Playbook

Data Enrichment

Hyas Insight Enrichment Playbooks

Data Enrichment

Developers

Company