Downloads a file from VirusTotal and submits it to Threat Grid

CiscoSecurity/tg-04-submit-from-virustotal

Threat Grid Submit From VirusTotal:

This script searches VirusTotal for a SHA256. If the file is in VirusTotal, it fetches the filename, downloads the file, and submits it to Threat Grid. If a SHA256 is not provided as a command line argument, the script will prompt for one.

NOTE: This script requires a VirusTotal Enterprise account

Before using you must update the following:

  • vt_apikey
  • tg_api_key

Usage:

python submit_from_virustotal.py c225c488312f5cbd876072215aaeca66eda206448f90f35ca59d9c9f825b3528

or

python submit_from_virustotal.py
Enter a SHA256: c225c488312f5cbd876072215aaeca66eda206448f90f35ca59d9c9f825b3528

Example script output:

Checking for file in Threat Grid
Retrieving filename for: c225c488312f5cbd876072215aaeca66eda206448f90f35ca59d9c9f825b3528
Got: RFQ Request For Quotation.exe
Downloading file from VirusTotal - DONE!
Submitting to Threat Grid
Sample ID: 9e1297bbd5726e00a9fdbf58b794f315
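
An added example (not code from this repository): one way to validate the SHA256 taken from the command line or the prompt before it is sent to either API, and to reduce the submitter-controlled filename that VirusTotal reports to a safe basename before reusing it. The function names get_sha256 and safe_sample_name are hypothetical, and no network calls are made.

```python
import re
import sys
import unicodedata
from pathlib import PureWindowsPath

SHA256_RE = re.compile(r"[0-9a-fA-F]{64}")


def get_sha256(argv, prompt=input):
    """Return a validated, lowercased SHA256 from argv[1] or an interactive prompt."""
    raw = argv[1] if len(argv) > 1 else prompt("Enter a SHA256: ")
    candidate = raw.strip()
    # fullmatch rejects short hashes, MD5/SHA1 values, and anything with
    # path or URL characters that would otherwise end up in an API request.
    if not SHA256_RE.fullmatch(candidate):
        raise ValueError("not a SHA256: expected 64 hexadecimal characters")
    return candidate.lower()


def safe_sample_name(reported_name, sha256, max_len=128):
    """Reduce a reported filename to a bare, printable basename.

    The name is metadata chosen by whoever uploaded the file, so drop any
    directory part, control/format characters and leading dots, and fall
    back to the hash when nothing usable is left.
    """
    # PureWindowsPath splits on both '\\' and '/' and discards drive letters.
    name = PureWindowsPath(reported_name or "").name
    # Unicode categories starting with 'C' cover CR/LF, NUL and bidi overrides.
    name = "".join(c for c in name if unicodedata.category(c)[0] != "C")
    name = name.strip().lstrip(".")
    return name[:max_len] or sha256


if __name__ == "__main__":
    sha256 = get_sha256(sys.argv)
    print(f"Retrieving filename for: {sha256}")
    # Constructed sample value standing in for the name VirusTotal returns.
    print(f"Got: {safe_sample_name('RFQ Request For Quotation.exe', sha256)}")
```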
