[PYTHON] Push the hash list into VT and receive the detection result as a list

It is a script that checks the hash value list of emo guys collectively with VT. Get all at once with API. There is a query volume limit (4 times / minute) so let's wait slowly

import requests
import json
import pandas as pd 
import time
import csv 


hashlist= [
'c9e17e63de9b882e820c829b415a4e13070453c8',
'dee5ff1d1910e27c2b6aed7ddffce3c3be6356d4']
url = 'https://www.virustotal.com/vtapi/v2/file/report'

apikey ='USE_YOUR_API_KEY'

f = open('vt_output.csv', 'w')
writer = csv.writer(f, lineterminator='\n')

for hash in hashlist:
    print(hash)
    params = {'apikey': apikey, 'resource': hash}
    response = requests.get(url, params=params)
    l = [hash]
    response_code =response.json()['response_code']
    l.append(response_code)
    if response_code == 1:
        df=pd.read_json( json.dumps(response.json()))
        for x in range(df.index.size):
            l.append(df['scans'][x]['result'])
    writer.writerow(l)
	time.sleep(25)
f.close()

The results can be obtained in a list.

1	Trojan.Downloader.DOC.Gen	Other:Malware-gen [Trj]	W97m.Downloader.IQU	Trojan.MSWord.Generic.4!c	VBA/Downloader.S70	W97m.Downloader.IQU	Other:Malware-gen [Trj]		VBA/Dldr.Agent.zzlmg		W97m.Downloader.IQU			W97M.Emotet.36301		Doc.Dropper.Emotet-7399725-0		W97M/Downldr.HB.gen!Eldorado	W97M.DownLoader.4186	VBA/TrojanDownloader.Agent.QMI		malicious (high confidence)		Malware.VBA/Dldr.Agent.zzlmg	W97m.Downloader.IQU	VBA/Agent.QLT!tr.dldr	[email protected]	Trojan-Downloader.VBA.Emotet				HEUR:Trojan.MSOffice.SAgent.gen		malware (ai score=89)			W97M/Downloader.xx	BehavesLike.Downloader.cg	W97m.Downloader.IQU	TrojanDownloader:O97M/Emotet.GF!MTB	Trojan.Script.Downloader.ghylsa	O97M/Downloader	virus.office.obfuscated.1			DFI - Malicious OLE	Mal/DocDl-K	Trojan.Gen.2	Suspicious/W97M.Obfus.Gen.8	Heur.Macro.Generic.Gen.f		Trojan.W97M.EMOTET.JKBG	Trojan.W97M.EMOTET.JKBG				Trojan.AvsMofer.bSGLro		HEUR:Trojan.MSOffice.SAgent.gen	Probably W97Obfuscated	

Recommended Posts

Push the hash list into VT and receive the detection result as a list
Use the e-paper module as a to-do list
Output the output result of sklearn.metrics.classification_report as a CSV file
Sort and output the elements in the list as elements and multiples in Python.
Extract the value of dict or list as a string
How to connect the contents of a list into a string
Save the result of the life game as a gif with python
Precautions when using a list or dictionary as the default argument
Dig the directory and create a list of directory paths + file names