Compartilhar via


Get VirusTotal Report using PowerShell

VirusTotal is a free virus, malware and URL online scanning service. File checking is done with more than 50 antivirus solutions.

Using this script you can query VirusTotal service from PowerShell using a file name or by hash, and get a detailed report about the file.

Written by Moti Bani - mobani@microsoft.com - (https://blogs.technet.com/b/motiba/) with script portions copied from https://psvirustotal.codeplex.com
Reviewed and edited by Martin Schvartzman
Sign up to VirusTotal Community to get API Key - https://www.virustotal.com/en/documentation/public-api

Examples:

Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -FilePath C:\temp\sys\procexp.exe

Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -Hash be677bd5fb580ed1acf47777b34b19597feeea07d1ee90646ffa310e58232cbb

Comments

  • Anonymous
    June 15, 2017
    This is Alsa, phD student. I found the script very useful in my research .But unfortunately I couldnt run it. I put the "Sample-Hashes.txt" file and the "VirusTotal.ps1" and "VirusTotal.psm1" programs in the same directory.I ran inside the powershell development interface.In windows 10 I gave the right mouse button in the program "VirusTotal.ps1" and clicked edit then opened.Get-VTReport -VTApiKey c2ec8..myAPIKey -file Sample-Hashes.txt.I am badly stuck. Could you please help me to sort it out.I am looking forward to hearing from you.Thanks and kind regards,Alsa
    • Anonymous
      June 25, 2017
      Hi Alsa,what is the error code?
  • Anonymous
    August 09, 2017
    Hi,thanks for your code. Quick question, how do you scan multiple hashes at a time using the public api as it only takes 4 requests per minute?ThanksFrancis
  • Anonymous
    August 17, 2017
    Can you search an ip or URL with this? If not, can you show how to add that function?