misp-modules icon indicating copy to clipboard operation
misp-modules copied to clipboard

Published 20 hours ago verified publisher icon MISP

Feature Request for VirusTotal Module

Open syloktools opened this issue 6 years ago • 4 comments

If given a SHA256 hash the module would return the MD5 hash and vice versa. Some security tools only take MD5s or SHA256s and having the module auto pull these would be fantastic.

syloktools avatar Sep 20 '18 12:09 syloktools

The VT enrichment module is already doing this if I remember correctly. @adulau?

rommelfs avatar Nov 20 '18 12:11 rommelfs

Works fine for me now (2.4.97).

StefanKelm avatar Nov 21 '18 13:11 StefanKelm

Is there a possibility to have VT return the expansion data as Objects instead of standard attributes? Utilizing the File Object - I would assume the File Object needs to updated to include additional data from VirusTotal. This would be a great way to group information of a file.

vedd3r avatar Nov 23 '18 13:11 vedd3r

@vedd3r, it would also be be great if this was the case with any enrichment that comes from Cortex

geekscrapy avatar Feb 22 '19 12:02 geekscrapy