NAV

Introduction

API Endpoint

https://api.vxintel.io/api/v2

Welcome to the vxIntel API documentation.

We provide a simple and powerful REST API to access reports, download & submit samples and much more. This API reference provides information on available endpoints and how to interact with it.

If you have any questions or suggestions regarding the API, please reach out to us on support@vxintel.io.

Authentication

You can set the apikey header this way:

# With cUrl, you can just pass the correct header with each request
curl "https://api.vxintel.io/api/v2" -H "Authorization: Token YOUR_API_KEY"

Make sure to replace YOUR_API_KEY with your actual API key.

vxIntel uses API keys to allow access to the API. You can request a trial to get an API key. If you are an existing user, your API key should already have been sent to you as part of your onboarding process.

vxIntel expects for the API key to be included in all API requests to the server in a header that looks like the following:

Authorization: Token 0123456789012345678901234567890123456789

Quick Start

This section contains some basic usage examples, allowing you to dive right into the API for basic tasks such as searching for a specific hash, downloading a file and getting basic scan reports.

Get File Details

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/details/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/details/

While this endpoint allows you to get file details for a given hash, it effectively also allows you to check (search) if a given hash exists in the database.

Example Responses

200 Response

{
  "filesize": 179369,
  "creation_time": "1992-06-19T22:22:17Z",
  "malware_status": "malicious",
  "avscan_score": "32/37",
  "file_type": "Win32 EXE",
  "magic_type": "PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed",
  "mime_type": "application/x-dosexec",
  "md5": "431c77e9d0809d5eafd84ab2dea25e49",
  "sha1": "b45e5dafd38640e5eecb1af7ac7923626a47b8d4",
  "sha256": "5d1d51054623113997ab1f5c66c518bf488248dd8e761896c2c0e0779d240b7b",
  "sha512": "cc2a3152a7e1af2fc57b340ce39e4d24dcf151b6a067a07d4b0a26072693a7d22e337df04d8bb75129bfebc691cfb35652255332d2907f816c0e634227cc4328",
  "imphash": "8eb90f63ff7fc0bd388dac1d27b3afce",
  "ssdeep": "3072:yxTqpdA3f6QNf2IPO4DpmWpAsfYbTOBoefYi6a9k20tAvKkzkFuS55P:02pdqfv2IPOGfXf5ovWvtkUS55P",
  "first_seen": "2019-01-22T16:56:09Z",
  "last_seen": "2019-02-08T12:15:25Z",
  "last_scanned": "2019-02-09T13:43:47Z",
  "url": "https://files.vxintel.io/files/download/b45e5dafd38640e5eecb1af7ac7923626a47b8d4/",
  "names": [
    "431c77e9d0809d5eafd84ab2dea25e49",
    "5D1D51054623113997AB1F5C66C518BF488248DD8E761896C2C0E0779D240B7B"
  ]
}

Parameters

Parameter Type Default Value Required Description
YOUR_API_KEY string - true Your API key
hash string - true Hash (md5/sha1/sha256)

HTTP Response Codes

Code Meaning
200 Success: A matching hash/file has been found
400 Bad request: Probably wrong hash (type) supplied
401 Invalid token: YOUR_API_KEY is invalid
404 No matching hash/file found

Download a File

Code Samples

# You can also use wget
curl -X GET https://files.vxintel.io/files/download/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY' -o sample.bin

GET /files/download/

Downloads a copy of given file hash to a local file as sample.bin, if it exists.

Note: Regular database queries use the api.vxintel.io endpoint while actual file downloading is done via the files.vxintel.io endpoint.

Example Responses

200 Response

N/A - Requested file will downloaded

404 Response

{
  "detail": "Not found."
}

Parameters

Parameter Type Default Value Required Description
YOUR_API_KEY string - true Your API key
hash string - true Hash (md5/sha1/sha256)

HTTP Response Codes

Code Meaning
200 Success: File be downloaded
400 Bad request: Probably wrong hash (type) supplied
401 Invalid token: YOUR_API_KEY is invalid
404 No matching hash/file found

Get AV Scan Report

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/report/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/report/

Antivirus scan results for given hash, if it exists.

Example Responses

200 Response

{
  "md5": "3e1811b957957ff27a15ef46c0a1dcf6",
  "sha1": "77ada9b268cba301977e24426cd5c852612c9916",
  "sha256": "c857bbe0946bcd2a6361ff884cb0ab4d191aafe450128d3c068576bb3cabd13d",
  "sha512": "42bd053c269efdd8aff4b5bb91d11fb866cb2cf720c1e88843b2e2624e7c8ace92fe37710cdcae6c95c83d276695fe6dc1ff898a26e07b7efc5fc6020c4b1bea",
  "scan_time": "2019-10-04T17:22:46Z",
  "avscan_score": "24/39",
  "scan_results": [
    {
      "av_name": "Quick Heal",
      "threat_found": "Backdoor.Zegost.MUE.A8",
      "def_time": "2017-03-07T00:00:00Z"
    },
    ...
    {
      "av_name": "Lavasoft",
      "threat_found": "Gen:Variant.Razy.111934",
      "def_time": "2017-03-08T00:00:00Z"
    }
  ]
}

Parameters

Parameter Type Default Value Required Description
YOUR_API_KEY string - true Your API key
hash string - true Hash (md5/sha1/sha256)

HTTP Response Codes

Code Meaning
200 Success: Report will be shown
400 Bad request: Probably wrong hash (type) supplied
401 Invalid token: YOUR_API_KEY is invalid
404 No matching hash/file found

Dashboard

Dashboard specific API endpoints.

Obtain auth token

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/auth/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /auth/

description

Body parameter

{
  "username": "string",
  "password": "string"
}

Parameters

Name In Type Required Description
body body AuthToken true none

Example Responses

200 Response

{
  "token": "string"
}

Responses

Status Meaning Description Schema
200 OK none AuthTokenDetails

Obtain a callback token by email

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/auth/email/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /auth/email/

description

Body parameter

{
  "email": "user@example.com"
}

Parameters

Name In Type Required Description
body body EmailAuth true none

Example Responses

200 Response

{
  "detail": "A login token has been sent to your email."
}

Responses

Status Meaning Description Schema
200 OK none Inline
400 Bad Request none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» detail string false none none

Status Code 400

Bad request

Name Type Required Restrictions Description
» details string false none none
» email [string] false none none
» non_field_errors [string] false none none

Obtain an auth token

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/auth/token/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /auth/token/

description

Body parameter

{
  "email": "user@example.com",
  "mobile": "string",
  "token": "string"
}

Parameters

Name In Type Required Description
body body CallbackTokenAuth true none

Example Responses

200 Response

{
  "token": "string"
}

Responses

Status Meaning Description Schema
200 OK none Inline
400 Bad Request none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» token string false none none

Status Code 400

Bad request

Name Type Required Restrictions Description
» token [string] false none none
» non_field_errors [string] false none none

Make a password-protected archive with files for download

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/downloads/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/downloads/

The API accepts a list of files' hashes that should be archived. If a secret password is provided, an archive containing these files will be password-protected.

Body parameter

{
  "files": [
    "string"
  ],
  "secret_password": "string"
}

Parameters

Name In Type Required Description
body body DownloadRequest true none

Example Responses

201 Response

{
  "job_uuid": "string",
  "processing_status": "string",
  "link": "string",
  "expires": "2020-07-10T11:48:53Z",
  "files": [
    "string"
  ],
  "secret_password": "string"
}

Responses

Status Meaning Description Schema
201 Created none DownloadRequest

Retrieve an archive status

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/downloads/{uuid}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/downloads/{uuid}/

The API returns a current archive creation status. The 'link' field contains a direct download link.

Parameters

Name In Type Required Description
uuid path string true none

Example Responses

200 Response

{
  "job_uuid": "string",
  "processing_status": "string",
  "link": "string",
  "expires": "2020-07-10T11:48:53Z",
  "files": [
    "string"
  ],
  "secret_password": "string"
}

Responses

Status Meaning Description Schema
200 OK none DownloadRequest

Retrieve a list of rescan requests

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/rescans/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/rescans/

Parameters

Name In Type Required Description
limit query integer false Number of results to return per page.
offset query integer false The initial index from which to return the results.

Example Responses

200 Response

{
  "count": 0,
  "next": "http://example.com",
  "previous": "http://example.com",
  "results": [
    {
      "job_uuid": "string",
      "processing_status": "string",
      "malware_status": "string",
      "avscan_score": "string",
      "error_message": "string",
      "hash": "string"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» count integer true none none
» next string(uri)¦null false none none
» previous string(uri)¦null false none none
» results [RescanRequest] true none none
»» job_uuid string false read-only Rescan's report ID
»» processing_status string false read-only none
»» malware_status string false read-only none
»» avscan_score string false read-only none
»» error_message string false read-only none
»» hash string true none none

Rescan an existing file using its hash

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/rescans/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/rescans/

Body parameter

{
  "hash": "string"
}

Parameters

Name In Type Required Description
body body RescanRequest true none

Example Responses

201 Response

{
  "job_uuid": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string",
  "hash": "string"
}

Responses

Status Meaning Description Schema
201 Created none RescanRequest

Retrieve scan status

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/rescans/{uuid}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/rescans/{uuid}/

Parameters

Name In Type Required Description
uuid path string true none

Example Responses

200 Response

{
  "job_uuid": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string",
  "hash": "string"
}

Responses

Status Meaning Description Schema
200 OK none RescanRequest

Return search history

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/search/history/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/search/history/

description

Parameters

Name In Type Required Description
limit query integer false Number of results to return per page.
offset query integer false The initial index from which to return the results.

Example Responses

200 Response

{
  "count": 0,
  "next": "http://example.com",
  "previous": "http://example.com",
  "results": [
    {
      "file": {
        "hash": "string",
        "filename": "string",
        "file_date": "2020-07-10T11:48:53Z",
        "malware_status": "string",
        "avscan_score": "string"
      }
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» count integer true none none
» next string(uri)¦null false none none
» previous string(uri)¦null false none none
» results [FileSearchHistory] true none none
»» file FileSearchResult true none none
»»» hash string false read-only none
»»» filename string false read-only none
»»» file_date string(date-time) true none none
»»» malware_status string false read-only none
»»» avscan_score string false read-only none

Find a particular file by its hash

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/search/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/search/{hash}/

The API supports only md5, sha1 and sha256 hashes.

Parameters

Name In Type Required Description
hash path string true none

Example Responses

200 Response

{
  "hash": "string",
  "filename": "string",
  "file_date": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string"
}

Responses

Status Meaning Description Schema
200 OK none FileSearchResult

Retrieve a list of uploaded files

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/uploads/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/uploads/

description

Parameters

Name In Type Required Description
limit query integer false Number of results to return per page.
offset query integer false The initial index from which to return the results.

Example Responses

200 Response

{
  "count": 0,
  "next": "http://example.com",
  "previous": "http://example.com",
  "results": [
    {
      "job_uuid": "string",
      "hash": "string",
      "filename": "string",
      "file_date": "string",
      "processing_status": "string",
      "malware_status": "string",
      "avscan_score": "string",
      "error_message": "string"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» count integer true none none
» next string(uri)¦null false none none
» previous string(uri)¦null false none none
» results [FileUploadStatus] true none none
»» job_uuid string false read-only Rescan's report ID
»» hash string false read-only none
»» filename string false read-only none
»» file_date string false read-only none
»» processing_status string false read-only none
»» malware_status string false read-only none
»» avscan_score string false read-only none
»» error_message string false read-only none

Upload a new file for processing and scanning

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/uploads/ \
  -H 'Content-Type: multipart/form-data' \
  -H 'Accept: application/json' \
  -H 'Content-Type: multipart/form-data' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/uploads/

The method accepts data in the FileUpload format but returns the new instance in the FileUploadStatus format.

Body parameter

file_obj: string
notification_email: user@example.com
is_private: true
is_consented: true

Parameters

Name In Type Required Description
Content-Type header string false Type of content which send to the system.
body body object false none
» file_obj body string(binary) true none
» notification_email body string(email) false none
» is_private body boolean false none
» is_consented body boolean true none

Example Responses

201 Response

{
  "job_uuid": "string",
  "hash": "string",
  "filename": "string",
  "file_date": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string"
}

Responses

Status Meaning Description Schema
201 Created none FileUploadStatus

Retrieve information about a particular uploaded file

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/uploads/{uuid}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/uploads/{uuid}/

description

Parameters

Name In Type Required Description
uuid path string true none

Example Responses

200 Response

{
  "job_uuid": "string",
  "hash": "string",
  "filename": "string",
  "file_date": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string"
}

Responses

Status Meaning Description Schema
200 OK none FileUploadStatus

Feed

feed_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/feed/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /feed/

Get presigned URL for download feed.

Parameters

Name In Type Required Description
date query string false The Date parameter allows filtering statistics by date in the “YYYY-MM-DD” format.

Example Responses

200 Response

[
  {
    "download_link": "string"
  }
]

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
anonymous [FeedSerializator] false none none
» download_link string false read-only none

Metadata

files_details_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/details/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/details/

Get list of files filtered by a date.

Parameters

Name In Type Required Description
date query string false The Date parameter allows filtering URLs by date, not later than 7 recent days in the "YYYY-MM-DD" format.
identity query string false The Identity parameter allows filtering files by their identities: "malware", "url", "mobile", "osx", "pua", "clean", "pcap", "pdns", "nonpe", "manual"
limit query integer false Number of results to return per page.
offset query integer false The initial index from which to return the results.

Example Responses

200 Response

{
  "count": 0,
  "next": "http://example.com",
  "previous": "http://example.com",
  "results": [
    {
      "filename": "string",
      "filesize": 0,
      "creation_time": "2020-07-10T11:48:53Z",
      "malware_status": "string",
      "avscan_score": "string",
      "file_type": "string",
      "magic_type": "string",
      "mime_type": "string",
      "md5": "string",
      "sha1": "string",
      "sha256": "string",
      "sha512": "string",
      "imphash": "string",
      "ssdeep": "string",
      "url": "string"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» count integer true none none
» next string(uri)¦null false none none
» previous string(uri)¦null false none none
» results [FileMetadata] true none none
»» filename string false read-only none
»» filesize integer false read-only none
»» creation_time string(date-time) false read-only none
»» malware_status string false read-only none
»» avscan_score string false read-only none
»» file_type string false read-only none
»» magic_type string false read-only none
»» mime_type string false read-only none
»» md5 string false read-only none
»» sha1 string false read-only SHA1 hash of the file.
»» sha256 string false read-only none
»» sha512 string false read-only none
»» imphash string false read-only none
»» ssdeep string false read-only none
»» url string false read-only URL for file downloading (if it's empty, you don't have enough permission for this action)

files_details_create

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/details/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/details/

Get detail information about a particular file.

Body parameter

{
  "hashes": [
    "string"
  ]
}

Parameters

Name In Type Required Description
body body object true none
» hashes body [string] false none

Example Responses

200 Response

{
  "filename": "string",
  "filesize": 0,
  "creation_time": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string",
  "file_type": "string",
  "magic_type": "string",
  "mime_type": "string",
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "imphash": "string",
  "ssdeep": "string",
  "url": "string"
}

Responses

Status Meaning Description Schema
200 OK none FileMetadata

files_details_read

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/details/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/details/{hash}/

Get detail information about a particular file.

Parameters

Name In Type Required Description
hash path string true Hash of the file. Choose from the list: md5, sha1, sha256.

Example Responses

200 Response

{
  "filesize": 0,
  "creation_time": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string",
  "file_type": "string",
  "magic_type": "string",
  "mime_type": "string",
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "imphash": "string",
  "ssdeep": "string",
  "first_seen": "2020-07-10T11:48:53Z",
  "last_seen": "2020-07-10T11:48:53Z",
  "last_scanned": "2020-07-10T11:48:53Z",
  "url": "string",
  "names": [
    "string"
  ]
}

Responses

Status Meaning Description Schema
200 OK none FileFullMetadata

files_download_urls_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/download_urls/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/download_urls/

Get list of files filtered by a date.

Parameters

Name In Type Required Description
date query string false The Date parameter allows filtering URLs by date, not later than 7 recent days in the "YYYY-MM-DD" format.
identity query string false The Identity parameter allows filtering files by their identities: "malware", "url", "mobile", "osx", "pua", "clean", "pcap", "pdns", "nonpe", "manual"
limit query integer false Number of results to return per page.
offset query integer false The initial index from which to return the results.

Example Responses

200 Response

{
  "count": 0,
  "next": "http://example.com",
  "previous": "http://example.com",
  "results": [
    {
      "sha1": "string",
      "url": "string"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
» count integer true none none
» next string(uri)¦null false none none
» previous string(uri)¦null false none none
» results [FileDownloadURL] true none none
»» sha1 string true none SHA1 hash of the file
»» url string false read-only URL for file downloading (if it's empty, you don't have enough permission for this action)

files_download_urls_create

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/download_urls/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/download_urls/

Get a particular download link for a file by sha1.

Body parameter

{
  "hashes": [
    "string"
  ]
}

Parameters

Name In Type Required Description
body body object true none
» hashes body [string] false none

Example Responses

200 Response

{
  "sha1": "string",
  "url": "string"
}

Responses

Status Meaning Description Schema
200 OK none FileDownloadURL

files_download_urls_read

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/download_urls/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/download_urls/{hash}/

Get detail information about a particular file.

Parameters

Name In Type Required Description
hash path string true Hash of the file. Choose from the list: md5, sha1, sha256.

Example Responses

200 Response

{
  "sha1": "string",
  "url": "string"
}

Responses

Status Meaning Description Schema
200 OK none FileDownloadURL

Antivirus Scan

files_report_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/report/?hashes=string \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/report/

Get a report from antivirus for the list of the hash of files.

Parameters

Name In Type Required Description
hashes query array[string] true List of hash(SHA1, SHA256, MD5) of files.

Example Responses

200 Response

[
  {
    "md5": "string",
    "sha1": "string",
    "sha256": "string",
    "sha512": "string",
    "scan_time": "2020-07-10T11:48:53Z",
    "avscan_score": "string",
    "scan_results": [
      {
        "av_name": "string",
        "threat_found": "string",
        "def_time": "2020-07-10T11:48:53Z"
      }
    ]
  }
]

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
anonymous [ScanReport] false none none
» md5 string false none none
» sha1 string true none SHA1 hash of the file.
» sha256 string false none none
» sha512 string false none none
» scan_time string(date-time) true none none
» avscan_score string false read-only none
» scan_results [ScanResult] true none none
»» av_name string true none none
»» threat_found string true none none
»» def_time string(date-time) true none none

files_report_create

Code Samples

# You can also use wget
curl -X POST https://api.vxintel.io/api/v2/files/report/ \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

POST /files/report/

Get a report from antivirus for the file's hash.

Body parameter

{
  "hashes": [
    "string"
  ]
}

Parameters

Name In Type Required Description
body body object true none
» hashes body [string] false none

Example Responses

200 Response

{
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "scan_time": "2020-07-10T11:48:53Z",
  "avscan_score": "string",
  "scan_results": [
    {
      "av_name": "string",
      "threat_found": "string",
      "def_time": "2020-07-10T11:48:53Z"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none ScanReport

files_report_read

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/files/report/{hash}/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /files/report/{hash}/

Get a report from antivirus for the file's hash.

Parameters

Name In Type Required Description
hash path string true Hash of the file. Choose from the list: md5, sha1, sha256.

Example Responses

200 Response

{
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "scan_time": "2020-07-10T11:48:53Z",
  "avscan_score": "string",
  "scan_results": [
    {
      "av_name": "string",
      "threat_found": "string",
      "def_time": "2020-07-10T11:48:53Z"
    }
  ]
}

Responses

Status Meaning Description Schema
200 OK none ScanReport

Settings

settings_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/settings/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /settings/

Return user settings.

Example Responses

200 Response

[
  {
    "account_name": "string",
    "email": "string",
    "subscription_valid_until": "2020-07-10",
    "last_login": "string",
    "api_key": "string"
  }
]

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
anonymous [Settings] false none none
» account_name string false read-only none
» email string false read-only none
» subscription_valid_until string(date) false read-only The field is for information purposes. It doesn't affect anything.
» last_login string false read-only none
» api_key string false read-only none

Statistics

statistic_usage_list

Code Samples

# You can also use wget
curl -X GET https://api.vxintel.io/api/v2/statistic/usage/ \
  -H 'Accept: application/json' \
  -H 'Authorization: Token YOUR_API_KEY'

GET /statistic/usage/

Get API usage statistics.

Parameters

Name In Type Required Description
date query string false The Date parameter allows filtering statistics by date in the “YYYY-MM-DD” format.

Example Responses

200 Response

[
  {}
]

Responses

Status Meaning Description Schema
200 OK none Inline

Response Schema

Status Code 200

Name Type Required Restrictions Description
anonymous [StatisticsUsageSerializator] false none none

Schemas

AuthToken

{
  "username": "string",
  "password": "string"
}

Properties

Name Type Required Restrictions Description
username string true none none
password string true none none

AuthTokenDetails

{
  "token": "string"
}

Properties

Name Type Required Restrictions Description
token string false read-only none

EmailAuth

{
  "email": "user@example.com"
}

Properties

Name Type Required Restrictions Description
email string(email) true none none

CallbackTokenAuth

{
  "email": "user@example.com",
  "mobile": "string",
  "token": "string"
}

Properties

Name Type Required Restrictions Description
email string(email) false none none
mobile string false none none
token string true none none

FeedSerializator

{
  "download_link": "string"
}

Properties

Name Type Required Restrictions Description
download_link string false read-only none

FileMetadata

{
  "filename": "string",
  "filesize": 0,
  "creation_time": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string",
  "file_type": "string",
  "magic_type": "string",
  "mime_type": "string",
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "imphash": "string",
  "ssdeep": "string",
  "url": "string"
}

Properties

Name Type Required Restrictions Description
filename string false read-only none
filesize integer false read-only none
creation_time string(date-time) false read-only none
malware_status string false read-only none
avscan_score string false read-only none
file_type string false read-only none
magic_type string false read-only none
mime_type string false read-only none
md5 string false read-only none
sha1 string false read-only SHA1 hash of the file.
sha256 string false read-only none
sha512 string false read-only none
imphash string false read-only none
ssdeep string false read-only none
url string false read-only URL for file downloading (if it's empty, you don't have enough permission for this action)

FileFullMetadata

{
  "filesize": 0,
  "creation_time": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string",
  "file_type": "string",
  "magic_type": "string",
  "mime_type": "string",
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "imphash": "string",
  "ssdeep": "string",
  "first_seen": "2020-07-10T11:48:53Z",
  "last_seen": "2020-07-10T11:48:53Z",
  "last_scanned": "2020-07-10T11:48:53Z",
  "url": "string",
  "names": [
    "string"
  ]
}

Properties

Name Type Required Restrictions Description
filesize integer false read-only none
creation_time string(date-time) false read-only none
malware_status string false read-only none
avscan_score string false read-only none
file_type string false read-only none
magic_type string false read-only none
mime_type string false read-only none
md5 string false read-only none
sha1 string false read-only SHA1 hash of the file.
sha256 string false read-only none
sha512 string false read-only none
imphash string false read-only none
ssdeep string false read-only none
first_seen string(date-time) true none none
last_seen string(date-time) false read-only Calculate the last seen datetime.
last_scanned string(date-time) true none none
url string false read-only URL for file downloading (if it's empty, you don't have enough permission for this action)
names [string] false read-only Return the other names of the file.

FileDownloadURL

{
  "sha1": "string",
  "url": "string"
}

Properties

Name Type Required Restrictions Description
sha1 string true none SHA1 hash of the file
url string false read-only URL for file downloading (if it's empty, you don't have enough permission for this action)

DownloadRequest

{
  "job_uuid": "string",
  "processing_status": "string",
  "link": "string",
  "expires": "2020-07-10T11:48:53Z",
  "files": [
    "string"
  ],
  "secret_password": "string"
}

Properties

Name Type Required Restrictions Description
job_uuid string false read-only Rescan's report ID
processing_status string false read-only none
link string false read-only none
expires string(date-time) false read-only none
files [string] true none none
secret_password string¦null false none none

ScanResult

{
  "av_name": "string",
  "threat_found": "string",
  "def_time": "2020-07-10T11:48:53Z"
}

Properties

Name Type Required Restrictions Description
av_name string true none none
threat_found string true none none
def_time string(date-time) true none none

ScanReport

{
  "md5": "string",
  "sha1": "string",
  "sha256": "string",
  "sha512": "string",
  "scan_time": "2020-07-10T11:48:53Z",
  "avscan_score": "string",
  "scan_results": [
    {
      "av_name": "string",
      "threat_found": "string",
      "def_time": "2020-07-10T11:48:53Z"
    }
  ]
}

Properties

Name Type Required Restrictions Description
md5 string false none none
sha1 string true none SHA1 hash of the file.
sha256 string false none none
sha512 string false none none
scan_time string(date-time) true none none
avscan_score string false read-only none
scan_results [ScanResult] true none none

RescanRequest

{
  "job_uuid": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string",
  "hash": "string"
}

Properties

Name Type Required Restrictions Description
job_uuid string false read-only Rescan's report ID
processing_status string false read-only none
malware_status string false read-only none
avscan_score string false read-only none
error_message string false read-only none
hash string true none none

FileSearchResult

{
  "hash": "string",
  "filename": "string",
  "file_date": "2020-07-10T11:48:53Z",
  "malware_status": "string",
  "avscan_score": "string"
}

File

Properties

Name Type Required Restrictions Description
hash string false read-only none
filename string false read-only none
file_date string(date-time) true none none
malware_status string false read-only none
avscan_score string false read-only none

FileSearchHistory

{
  "file": {
    "hash": "string",
    "filename": "string",
    "file_date": "2020-07-10T11:48:53Z",
    "malware_status": "string",
    "avscan_score": "string"
  }
}

Properties

Name Type Required Restrictions Description
file FileSearchResult true none none

FileUploadStatus

{
  "job_uuid": "string",
  "hash": "string",
  "filename": "string",
  "file_date": "string",
  "processing_status": "string",
  "malware_status": "string",
  "avscan_score": "string",
  "error_message": "string"
}

Properties

Name Type Required Restrictions Description
job_uuid string false read-only Rescan's report ID
hash string false read-only none
filename string false read-only none
file_date string false read-only none
processing_status string false read-only none
malware_status string false read-only none
avscan_score string false read-only none
error_message string false read-only none

Settings

{
  "account_name": "string",
  "email": "string",
  "subscription_valid_until": "2020-07-10",
  "last_login": "string",
  "api_key": "string"
}

Properties

Name Type Required Restrictions Description
account_name string false read-only none
email string false read-only none
subscription_valid_until string(date) false read-only The field is for information purposes. It doesn't affect anything.
last_login string false read-only none
api_key string false read-only none

StatisticsUsageSerializator

{}

Properties

None