Get VirusTotal Report using PowerShell
VirusTotal is a free virus, malware and URL online scanning service. File checking is done with more than 50 antivirus solutions.
Using this script you can query VirusTotal service from PowerShell using a file name or by hash, and get a detailed report about the file.
Written by Moti Bani - mobani@microsoft.com - (https://blogs.technet.com/b/motiba/) with script portions copied from https://psvirustotal.codeplex.com
Reviewed and edited by Martin Schvartzman
Sign up to VirusTotal Community to get API Key - https://www.virustotal.com/en/documentation/public-api
Examples:
Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -FilePath C:\temp\sys\procexp.exe
Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -Hash be677bd5fb580ed1acf47777b34b19597feeea07d1ee90646ffa310e58232cbb
Comments
- Anonymous
June 15, 2017
This is Alsa, phD student. I found the script very useful in my research .But unfortunately I couldnt run it. I put the "Sample-Hashes.txt" file and the "VirusTotal.ps1" and "VirusTotal.psm1" programs in the same directory.I ran inside the powershell development interface.In windows 10 I gave the right mouse button in the program "VirusTotal.ps1" and clicked edit then opened.Get-VTReport -VTApiKey c2ec8..myAPIKey -file Sample-Hashes.txt.I am badly stuck. Could you please help me to sort it out.I am looking forward to hearing from you.Thanks and kind regards,Alsa- Anonymous
June 25, 2017
Hi Alsa,what is the error code?
- Anonymous
- Anonymous
August 09, 2017
Hi,thanks for your code. Quick question, how do you scan multiple hashes at a time using the public api as it only takes 4 requests per minute?ThanksFrancis - Anonymous
August 17, 2017
Can you search an ip or URL with this? If not, can you show how to add that function?