
Submit a File for Analysis to VirusTotal with Cache - Workflow Template

Submit a file to VirusTotal for analysis and provide a simple cache for the analysis results. Use URLs or Torq file links to the file.


This workflow template enables the submission of a file to VirusTotal for comprehensive analysis, incorporating a caching mechanism to optimize the process. It is designed to enhance threat intelligence by checking if the file's hash is already known and cached; if not, it queries VirusTotal. The results categorize the file as malicious, suspicious, or safe, providing crucial data for incident response and analysis phases.

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Provide the link to the file and integration information to the nested workflow

  2. Check whether the file's hash has already been enriched and is in the cache; if it is, return the cached results

  3. Query VirusTotal for the file's hash; if it is not found, submit the file for analysis

  4. Parse the analysis information for malicious, suspicious and threat categories and names

  5. Return the analysis information to the parent workflow
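
Steps 2 to 5 sketched in Python as an added example; this is not Torq's workflow code. `vt_lookup` and `vt_submit` are hypothetical callables standing in for the VirusTotal integration steps, and the 24-hour cache lifetime and the verdict thresholds are assumptions the template description does not state.

```python
import hashlib
import time

CACHE_TTL = 24 * 3600  # assumption: the page does not state a cache lifetime


def parse_report(report):
    """Step 4: reduce a VirusTotal v3 file report to verdict, categories, names."""
    attrs = report["data"]["attributes"]
    stats = attrs.get("last_analysis_stats", {})
    cls = attrs.get("popular_threat_classification", {})
    malicious, suspicious = stats.get("malicious", 0), stats.get("suspicious", 0)
    # Assumed thresholds: any malicious hit wins, then any suspicious hit.
    verdict = "malicious" if malicious else "suspicious" if suspicious else "safe"
    return {
        "verdict": verdict,
        "malicious": malicious,
        "suspicious": suspicious,
        "categories": [c["value"] for c in cls.get("popular_threat_category", [])],
        "names": [n["value"] for n in cls.get("popular_threat_name", [])],
    }


def enrich(file_bytes, cache, vt_lookup, vt_submit, now=time.time):
    """Steps 2-5: cache check, hash lookup, submit on miss, parse, return."""
    sha256 = hashlib.sha256(file_bytes).hexdigest()
    hit = cache.get(sha256)
    if hit and now() - hit["at"] < CACHE_TTL:
        return {**hit["result"], "sha256": sha256, "source": "cache"}
    report = vt_lookup(sha256)          # hypothetical: returns None if hash unknown
    source = "lookup"
    if report is None:
        report = vt_submit(file_bytes)  # hypothetical: returns the finished report
        source = "submit"
    result = parse_report(report)
    cache[sha256] = {"at": now(), "result": result}  # only parsed results are cached
    return {**result, "sha256": sha256, "source": source}


# Constructed sample in the v3 file-report shape (not real VirusTotal data).
SAMPLE_REPORT = {"data": {"attributes": {
    "last_analysis_stats": {"malicious": 3, "suspicious": 1,
                            "harmless": 0, "undetected": 60},
    "popular_threat_classification": {
        "popular_threat_category": [{"value": "trojan", "count": 3}],
        "popular_threat_name": [{"value": "examplefam", "count": 2}]}}}}
```

The `source` field in the returned dictionary records whether a verdict came from the cache, a hash lookup or a fresh submission, which helps when judging how current a result is during incident response.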

Vendors

Utils, VirusTotal, Torq
