Python implements the method of uploading samples to virustotal and querying the scanned information

Source: Internet
Author: User
The example in this paper describes how Python implements the upload sample to VirusTotal and queries the scanned information. Share to everyone for your reference. Here's how:

Import Simplejson Import urllib import urllib2 import os MD5 = "5248f774d2ee0a10936d0b1dc89107f1" MD5 = "12fa5fb74201d9b 6a14f63fbf9a81ff6 "#do not has report on virustotal.com ########################################################## ############## APIKEY = "E0a50a50e77fxxxxxxxxxxxxxx4f17e31 here Use your own key" of the account you applied on VirusTotal "class VirusTotal:" "" "" "de     F __init__ (self, MD5): "" "" Constructor "" "Self._virus_dict = {} SELF._MD5 = MD5 def repr (self):                                          Return Str (SELF._VIRUS_DICT) def submit_md5 (self, file_path): Import postfile                                                                       #submit the file file_name = Os.path.basename (File_path) Host = "www.virustotal.com" selector = "Https://www.virustotal.com/vtap                            I/v2/file/scan "fields = [(" Apikey ", apikey)] file_to_send = open (File_path," RB "). Read () Files = [("File", file_name, file_to_send)] json = Postfile.post_multipart (host, selector, fields, F Iles) Print JSON pass Def get_report_dict (self): result_dict = {} URL = "https://w Ww.virustotal.com/vtapi/v2/file/report "parameters = {" Resource ": Self._md5," Apikey ": apikey} data = Urllib.urlencode (parameters) req = Urllib2. Request (URL, data) response = Urllib2.urlopen (req) json = Response.read () response_dict = Simplejson.load S (JSON) if response_dict["Response_code"]: #has result scans_dict = Response_dict.get ("Scans", {}) for a Ti_virus_comany, Virus_Name in Scans_dict.iteritems (): If virus_name["detected"]: self._virus_dict.setde  Fault (Anti_virus_comany, virus_name["result"]) return self._virus_dict

The result returned is: {u ' Sophos ': U ' sus/behav-1010 '}, if there is a scanned result.

The method to invoke is as follows:

MD5 = "12fa5fb74201d9b6a14f63fbf9a81ff6" #do not has report on virustotal.com MD5 = "5248F774D2EE0A10936D0B1DC89107F1" FI Le_path = r "D:\backSample\10\9af41bc012d66c98ca2f9c68ba38e98f_ICQLiteShell.dll" from  getvirustotalinfo Import VirusTotal #得到扫描结果并打印出来 virus_total = VirusTotal (MD5) print virus_total.get_report_dict ()  

Hopefully this article will help you with Python programming.

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.