Introduction
API Endpoint
https://api.vxintel.io/api/v3
Welcome to the vxIntel API documentation.
We provide a simple but powerful REST API to access reports, download & submit samples and much more. This API reference provides information on available endpoints and how to interact with it.
In case you have any questions, issues or feedback regarding our API, please reach out to us on support@vxintel.io.
Authentication
You can set the apikey header this way:
# With cURL, you can just pass the correct header with each request
curl "https://api.vxintel.io/api/v3" -H "Authorization: Token YOUR_API_KEY"
Make sure to replace YOUR_API_KEY with your actual API key!
We use an API key (token) to allow access to the API. If you are an existing user, your key should already have been sent to you as part of your onboarding process. If you'd like a demo key for testing purposes, please feel free to drop us a line on support@vxintel.io.
Our backend expects for the API key to be included in all API requests to the server in a header that looks like this:
Authorization: Token 0123456789012345678901234567890123456789
Quick Start
This section contains some basic usage examples, allowing you to dive right into the API for simple tasks such as searching for a specific hash, downloading a file and getting file scan reports.
Get File Details
Code Samples
curl -X GET https://api.vxintel.io/api/v3/files/details/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example Responses
200 Response
{
"filesize": 929280,
"creation_time": "2022-01-30T17:48:06Z",
"malware_status": "malicious",
"avscan_score": "16/24",
"file_type": "Win32 EXE",
"magic_type": "PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows",
"mime_type": "application/x-dosexec",
"md5": "97ff0fce34d30566ec3aab99658fa32b",
"sha1": "88ee23cbfdfc9ba5663f99585653410a025122d7",
"sha256": "27882db9f5ac7f32a7f64e260911cd3f7d4ea86b5e9fc13ba979d5aa051de3bd",
"sha512": "2718a2904198f9e755d13a082a1113581b7c2c01829396d7fd37c994bd865a198e4e03e8cfe648e35cac4f4505d318ac68264499d6af5a1f1871cdec8e849078",
"imphash": "f34d5f2d4577ed6d9ceec516c1f5a744",
"ssdeep": "12288:efAVutoEzPRxyjqu7dG1lFlWcYT70pxnnaaoawQ7ueuRAbrZNrI0AilFEvxHvBMT:WfM4MROxnFK9krZlI0AilFEvxHihF",
"tlsh": "T12D15BF013FACBD06C1BE3778B2731AC91BB8E9066052FB4E185861AD2D9FB01BD55367",
"trID": [
"Generic CIL Executable (.NET, Mono, etc.) (53.2%)",
"Microsoft Visual C++ compiled executable (generic) (12.0%)",
"Windows screen saver (9.5%)",
"Win64 Executable (generic) (7.6%)",
"Win16 NE executable (generic) (5.1%)"
],
"first_seen": "2022-01-31T10:18:03Z",
"last_seen": "2022-01-31T10:18:04Z",
"last_scanned": "2022-01-31T10:18:19Z",
"url": "https://files.vxintel.io/files/download/88ee23cbfdfc9ba5663f99585653410a025122d7/",
"origin_source": "Web/Upload",
"names": [
"r345.exe"
],
"tags": [
"trojan",
"backdoor",
"family:orcus"
]
}
GET /files/details/
While this endpoint allows you to get file details for a given hash, it effectively also allows you to check (search) if a given hash exists in the database.
Parameters
| Parameter | Type | Default Value | Required | Description |
|---|---|---|---|---|
| YOUR_API_KEY | string | - | true | Your API key |
| hash | string | - | true | Hash (md5/sha1/sha256) |
HTTP Response Codes
| Code | Meaning |
|---|---|
| 200 | Success: A matching hash/file has been found |
| 400 | Bad request: Probably wrong hash (type) supplied |
| 401 | Invalid token: YOUR_API_KEY is invalid |
| 404 | No matching hash/file found |
Download a File
Code Samples
curl -X GET https://files.vxintel.io/files/download/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY' -o sample.bin
Example Responses
200 Response
Requested file will downloaded.
404 Response
{
"detail": "Not found."
}
GET /files/download/
Downloads a copy of given file hash to a local file as sample.bin, if it exists.
Note: Regular database queries use the api.vxintel.io endpoint while actual file downloading is done via the files.vxintel.io endpoint.
Parameters
| Parameter | Type | Default Value | Required | Description |
|---|---|---|---|---|
| YOUR_API_KEY | string | - | true | Your API key |
| hash | string | - | true | Hash (md5/sha1/sha256) |
HTTP Response Codes
| Code | Meaning |
|---|---|
| 200 | Success: File be downloaded |
| 400 | Bad request: Probably wrong hash (type) supplied |
| 401 | Invalid token: YOUR_API_KEY is invalid |
| 404 | No matching hash/file found |
Get AV Scan Report
Code Samples
curl -X GET https://api.vxintel.io/api/v3/detections/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example Responses
200 Response
{
"md5": "97ff0fce34d30566ec3aab99658fa32b",
"sha1": "88ee23cbfdfc9ba5663f99585653410a025122d7",
"sha256": "27882db9f5ac7f32a7f64e260911cd3f7d4ea86b5e9fc13ba979d5aa051de3bd",
"sha512": "2718a2904198f9e755d13a082a1113581b7c2c01829396d7fd37c994bd865a198e4e03e8cfe648e35cac4f4505d318ac68264499d6af5a1f1871cdec8e849078",
"scan_time": "2022-01-31T10:18:19Z",
"avscan_score": "16/24",
"scan_results": [
{
"av_name": "Kaspersky",
"threat_found": "HEUR:Trojan-Spy.MSIL.Generic",
"def_time": "2022-01-31T07:05:00Z"
},
...
{
"av_name": "Bitdefender",
"threat_found": "Generic.MSIL.PasswordStealerA.48176DB8",
"def_time": "2022-01-31T09:03:23Z"
}
]
}
GET /detections/{hash}/
Shows AV detection results for a given hash, if the hash (or file) exists.
Parameters
| Parameter | Type | Default Value | Required | Description |
|---|---|---|---|---|
| YOUR_API_KEY | string | - | true | Your API key |
| hash | string | - | true | Hash (md5/sha1/sha256) |
HTTP Response Codes
| Code | Meaning |
|---|---|
| 200 | Success: Report will be shown |
| 400 | Bad request: Probably wrong hash (type) supplied |
| 401 | Invalid token: YOUR_API_KEY is invalid |
| 404 | No matching hash/file found |
File Details
Retrieve file details
Code samples
curl -X GET https://api.vxintel.io/api/v3/files/details/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"filesize": 0,
"creation_time": "2022-01-31T15:53:18Z",
"malware_status": "string",
"avscan_score": "string",
"file_type": "string",
"magic_type": "string",
"mime_type": "string",
"md5": "string",
"sha1": "string",
"sha256": "string",
"sha512": "string",
"imphash": "string",
"ssdeep": "string",
"tlsh": {},
"trID": {},
"first_seen": "2022-01-31T15:53:18Z",
"last_seen": "2022-01-31T15:53:18Z",
"last_scanned": "2022-01-31T15:53:18Z",
"url": "string",
"origin_source": "string",
"names": [
"string"
],
"tags": "string"
}
GET /files/details/{hash}/
Returns file details for a given hash, if it exists in the database.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| hash | path | string | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | FileFullMetadata |
Retrieve file scan report
Code samples
curl -X GET https://api.vxintel.io/api/v3/detections/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"md5": "string",
"sha1": "string",
"sha256": "string",
"sha512": "string",
"scan_time": "2022-01-31T15:53:18Z",
"avscan_score": "string",
"scan_results": [
{
"av_name": "string",
"threat_found": "string",
"def_time": "2022-01-31T15:53:18Z"
}
]
}
GET /detections/{hash}/
Shows AV detection results for a given hash, if the hash (or file) exists.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| hash | path | string | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | ScanReport |
Feed
feed_list
Code samples
curl -X GET https://api.vxintel.io/api/v3/feed/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
[
{
"download_link": "string"
}
]
GET /feed/
Get presigned URL for download feed.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| date | query | string | false | The Date parameter allows filtering statistics by date in the “YYYY-MM-DD” format. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [FeedSerializator] | false | none | none |
| » download_link | string | false | read-only | none |
Files
files_download_urls_list
Code samples
curl -X GET https://api.vxintel.io/api/v3/files/download_urls/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"count": 0,
"next": "http://example.com",
"previous": "http://example.com",
"results": [
{
"sha1": "string",
"url": "string"
}
]
}
GET /files/download_urls/
Get a particular download link for a file by sha1.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| date | query | string | false | The Date parameter allows filtering URLs by date, not later than 7 recent days in the "YYYY-MM-DD" format. |
| detections | query | number | false | The detections parameter allows filtering files by the number of malware detections. |
| identity | query | string | false | The Identity parameter allows filtering files by their identities: "malware", "url", "mobile", "osx", "pua", "clean", "pcap", "pdns", "nonpe", "manual" |
| limit | query | integer | false | Number of results to return per page. |
| offset | query | integer | false | The initial index from which to return the results. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » count | integer | true | none | none |
| » next | string(uri)¦null | false | none | none |
| » previous | string(uri)¦null | false | none | none |
| » results | [FileDownloadURL] | true | none | none |
| »» sha1 | string | true | none | SHA1 hash of the file |
| »» url | string | false | read-only | URL for file downloading (if it's empty, you don't have enough permission for this action) |
Metadata
files_download_urls_create
Code samples
curl -X POST https://api.vxintel.io/api/v3/files/download_urls/ \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Body parameter
{
"hashes": [
"string"
]
}
Example responses
200 Response
{
"sha1": "string",
"url": "string"
}
POST /files/download_urls/
Get a particular download link for a file by sha1.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | object | true | none |
| » hashes | body | [string] | false | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | FileDownloadURL |
files_download_urls_read
Code samples
curl -X GET https://api.vxintel.io/api/v3/files/download_urls/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"sha1": "string",
"url": "string"
}
GET /files/download_urls/{hash}/
Get a particular download link for a file by sha1.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| hash | path | string | true | Hash of the file. Choose from the list: md5, sha1, sha256. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | FileDownloadURL |
Actions
Rescan a file
Code samples
curl -X POST https://api.vxintel.io/api/v3/rescans/ \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Body parameter
{
"hash": "string"
}
Example responses
201 Response
{
"job_uuid": "string",
"processing_status": "string",
"malware_status": "string",
"avscan_score": "string",
"error_message": "string",
"hash": "string"
}
POST /rescans/
Allows you to rescan an existing file using its hash. You can use the generated job_uuid together with the /rescans/{uuid}/ endpoint to check the status of your request.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | RescanRequest | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | none | RescanRequest |
Retrieve a scan status
Code samples
curl -X GET https://api.vxintel.io/api/v3/rescans/{uuid}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"job_uuid": "string",
"processing_status": "string",
"malware_status": "string",
"avscan_score": "string",
"error_message": "string",
"hash": "string"
}
GET /rescans/{uuid}/
Shows status of a file rescan. Accepts the job uuid generated while rescanning the file via the /rescans/ endpoint.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| uuid | path | string | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | RescanRequest |
Retrieve a list of all rescans
Code samples
curl -X GET https://api.vxintel.io/api/v3/rescans/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"count": 0,
"next": "http://example.com",
"previous": "http://example.com",
"results": [
{
"job_uuid": "string",
"processing_status": "string",
"malware_status": "string",
"avscan_score": "string",
"error_message": "string",
"hash": "string"
}
]
}
GET /rescans/
Returns a list of all rescan requests.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| limit | query | integer | false | Number of results to return per page. |
| offset | query | integer | false | The initial index from which to return the results. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » count | integer | true | none | none |
| » next | string(uri)¦null | false | none | none |
| » previous | string(uri)¦null | false | none | none |
| » results | [RescanRequest] | true | none | none |
| »» job_uuid | string | false | read-only | Rescan's report ID |
| »» processing_status | string | false | read-only | none |
| »» malware_status | string | false | read-only | none |
| »» avscan_score | string | false | read-only | none |
| »» error_message | string | false | read-only | none |
| »» hash | string | true | none | none |
File Search
Search files by different parameters
Code samples
curl -X GET https://api.vxintel.io/api/v3/search/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"count": 0,
"next": "http://example.com",
"previous": "http://example.com",
"results": [
{
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
}
]
}
GET /search/
Return information about found files in the short format.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| detections | query | number | false | The detections parameter allows filtering files by the number of malware detections. |
| hash | query | array[string] | false | List of files' hashes (SHA1, SHA256, MD5). |
| tag | query | array[string] | false | The tag parameter allows filtering files by their tags |
| identity | query | string | false | The identity parameter allows filtering files by their identities: "malware", "url", "mobile", "osx", "pua", "clean", "pcap", "pdns", "nonpe", "manual" |
| ordering | query | string | false | Which field to use when ordering the results. |
| limit | query | integer | false | Number of results to return per page. |
| offset | query | integer | false | The initial index from which to return the results. |
| date_after | query | string | false | The date_after parameter allows finding files appeared after a particular date. It accepts the “YYYY-MM-DD” format. |
| date_before | query | string | false | The date_before parameter allows finding files appeared before a particular date. It accepts the “YYYY-MM-DD” format. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » count | integer | true | none | none |
| » next | string(uri)¦null | false | none | none |
| » previous | string(uri)¦null | false | none | none |
| » results | [FileSearchResult] | true | none | none |
| »» hash | string | false | read-only | none |
| »» filename | string | false | read-only | none |
| »» file_date | string | false | read-only | none |
| »» malware_status | string | false | read-only | none |
| »» avscan_score | string | false | read-only | none |
| »» is_downloadable | boolean | false | read-only | none |
Search a file by its hash
Code samples
curl -X GET https://api.vxintel.io/api/v3/search/{hash}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
}
GET /search/{hash}/
Return information about a found file in the short format.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| hash | path | string | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | FileSearchResult |
Statistics
statistics_usage_list
Code samples
curl -X GET https://api.vxintel.io/api/v3/statistics/usage/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
[
{
"results": {
"limit": 100000,
"remaining": 99982,
"detail": [
{
"2020-11-06": {
"File Metadata Instance": 4,
"Scan List": 2,
"Rescan List": 1,
"Scan Report Instance": 2,
"File Download Url List": 2,
"File Metadata List": 7
}
}
]
}
}
]
GET /statistics/usage/
Get API usage statistics.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| date | query | string | false | The Date parameter allows filtering statistics by date in the “YYYY-MM-DD” format. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | [StatisticsUsageSerializator] | false | none | none |
File Uploads
Upload a file
Code samples
curl -X POST https://api.vxintel.io/api/v3/uploads/file/ \
-H 'Content-Type: multipart/form-data' \
-H 'Accept: application/json' \
-H 'Content-Type: multipart/form-data' \
-H 'Authorization: Token YOUR_API_KEY'
Body parameter
file_obj: string
notification_email: user@example.com
is_private: true
Example responses
201 Response
{
"job_uuid": "string",
"initial_name": "string",
"processing_status": "string",
"status_description": "string",
"file": {
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
},
"created": "2022-01-31T15:53:18Z"
}
POST /uploads/file/
Allows you to upload a file to the system for processing and scanning. You can use the generated job_uuid together with the /uploads/{uuid}/ endpoint to check the status of your upload.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Content-Type | header | string | false | Type of content which send to the system. |
| body | body | object | false | none |
| » file_obj | body | string(binary) | true | none |
| » notification_email | body | string(email) | false | none |
| » is_private | body | boolean | false | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | none | UploadStatus |
Retrieve an upload status
Code samples
curl -X GET https://api.vxintel.io/api/v3/uploads/{uuid}/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"job_uuid": "string",
"initial_name": "string",
"processing_status": "string",
"status_description": "string",
"file": {
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
},
"created": "2022-01-31T15:53:18Z"
}
GET /uploads/{uuid}/
Shows status of an uploaded file. Accepts the job uuid generated while uploading the file via /uploads/file/ endpoint.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| uuid | path | string | true | none |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | UploadStatus |
Retrieve a list of all uploads
Code samples
curl -X GET https://api.vxintel.io/api/v3/uploads/ \
-H 'Accept: application/json' \
-H 'Authorization: Token YOUR_API_KEY'
Example responses
200 Response
{
"count": 0,
"next": "http://example.com",
"previous": "http://example.com",
"results": [
{
"job_uuid": "string",
"initial_name": "string",
"processing_status": "string",
"status_description": "string",
"file": {
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
},
"created": "2022-01-31T15:53:18Z"
}
]
}
GET /uploads/
Returns a list of all files uploaded to the system.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| limit | query | integer | false | Number of results to return per page. |
| offset | query | integer | false | The initial index from which to return the results. |
HTTP Response Codes
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » count | integer | true | none | none |
| » next | string(uri)¦null | false | none | none |
| » previous | string(uri)¦null | false | none | none |
| » results | [UploadStatus] | true | none | none |
| »» job_uuid | string | false | read-only | Rescan's report ID |
| »» initial_name | string | false | read-only | none |
| »» processing_status | string | false | read-only | none |
| »» status_description | string | false | read-only | none |
| »» file | FileSearchResult | false | none | none |
| »»» hash | string | false | read-only | none |
| »»» filename | string | false | read-only | none |
| »»» file_date | string | false | read-only | none |
| »»» malware_status | string | false | read-only | none |
| »»» avscan_score | string | false | read-only | none |
| »»» is_downloadable | boolean | false | read-only | none |
| »» created | string(date-time) | false | read-only | none |
Schemas
ScanResult
{
"av_name": "string",
"threat_found": "string",
"def_time": "2022-01-31T15:53:18Z"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| av_name | string | true | none | none |
| threat_found | string | true | none | none |
| def_time | string(date-time) | true | none | none |
ScanReport
{
"md5": "string",
"sha1": "string",
"sha256": "string",
"sha512": "string",
"scan_time": "2022-01-31T15:53:18Z",
"avscan_score": "string",
"scan_results": [
{
"av_name": "string",
"threat_found": "string",
"def_time": "2022-01-31T15:53:18Z"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| md5 | string | true | none | none |
| sha1 | string | true | none | SHA1 hash of the file. |
| sha256 | string | true | none | none |
| sha512 | string | true | none | none |
| scan_time | string(date-time) | true | none | none |
| avscan_score | string | false | read-only | none |
| scan_results | [ScanResult] | true | none | none |
FeedSerializator
{
"download_link": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| download_link | string | false | read-only | none |
FileFullMetadata
{
"filesize": 0,
"creation_time": "2022-01-31T15:53:18Z",
"malware_status": "string",
"avscan_score": "string",
"file_type": "string",
"magic_type": "string",
"mime_type": "string",
"md5": "string",
"sha1": "string",
"sha256": "string",
"sha512": "string",
"imphash": "string",
"ssdeep": "string",
"tlsh": {},
"trID": {},
"first_seen": "2022-01-31T15:53:18Z",
"last_seen": "2022-01-31T15:53:18Z",
"last_scanned": "2022-01-31T15:53:18Z",
"url": "string",
"origin_source": "string",
"names": [
"string"
],
"tags": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| filesize | integer | false | read-only | none |
| creation_time | string(date-time) | false | read-only | none |
| malware_status | string | false | read-only | none |
| avscan_score | string | false | read-only | none |
| file_type | string | false | read-only | none |
| magic_type | string | false | read-only | none |
| mime_type | string | false | read-only | none |
| md5 | string | false | read-only | none |
| sha1 | string | false | read-only | SHA1 hash of the file. |
| sha256 | string | false | read-only | none |
| sha512 | string | false | read-only | none |
| imphash | string | false | read-only | none |
| ssdeep | string | false | read-only | none |
| tlsh | object | true | none | none |
| trID | object | true | none | none |
| first_seen | string(date-time) | true | none | none |
| last_seen | string(date-time) | false | read-only | Calculate the last seen datetime. |
| last_scanned | string(date-time) | true | none | none |
| url | string | false | read-only | URL for file downloading (if it's empty, you don't have enough permission for this action) |
| origin_source | string | false | read-only | none |
| names | [string] | false | read-only | Return the other names of the file. |
| tags | string | true | none | none |
FileDownloadURL
{
"sha1": "string",
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| sha1 | string | true | none | SHA1 hash of the file |
| url | string | false | read-only | URL for file downloading (if it's empty, you don't have enough permission for this action) |
RescanRequest
{
"job_uuid": "string",
"processing_status": "string",
"malware_status": "string",
"avscan_score": "string",
"error_message": "string",
"hash": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| job_uuid | string | false | read-only | Rescan's report ID |
| processing_status | string | false | read-only | none |
| malware_status | string | false | read-only | none |
| avscan_score | string | false | read-only | none |
| error_message | string | false | read-only | none |
| hash | string | true | none | none |
FileSearchResult
{
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| hash | string | false | read-only | none |
| filename | string | false | read-only | none |
| file_date | string | false | read-only | none |
| malware_status | string | false | read-only | none |
| avscan_score | string | false | read-only | none |
| is_downloadable | boolean | false | read-only | none |
StatisticsUsageSerializator
{}
Properties
None
UploadStatus
{
"job_uuid": "string",
"initial_name": "string",
"processing_status": "string",
"status_description": "string",
"file": {
"hash": "string",
"filename": "string",
"file_date": "string",
"malware_status": "string",
"avscan_score": "string",
"is_downloadable": true
},
"created": "2022-01-31T15:53:18Z"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| job_uuid | string | false | read-only | Rescan's report ID |
| initial_name | string | false | read-only | none |
| processing_status | string | false | read-only | none |
| status_description | string | false | read-only | none |
| file | FileSearchResult | false | none | none |
| created | string(date-time) | false | read-only | none |