Get information about a file.

External Documentation

To learn more, visit the VirusTotal documentation.

Parameters

ParameterDescription
File HashThe SHA-256, SHA-1 or MD5 identifying the file.

Example Output

{
	"data": {
		"id": "<string>",
		"type": "<string>",
		"links": {
			"self": "<string>"
		},
		"attributes": {
			"total_votes": {
				"harmless": 1,
				"malicious": 1
			},
			"sandbox_verdicts": {
				"Zenbox": {
					"category": "<string>",
					"malware_classification": [
						"<string>"
					],
					"sandbox_name": "<string>",
					"confidence": 92
				},
				"SecondWrite": {
					"category": "<string>",
					"malware_classification": [
						"<string>"
					],
					"sandbox_name": "<string>"
				}
			},
			"type_tag": "<string>",
			"sha1": "<string>",
			"last_analysis_date": 1257810954,
			"first_submission_date": 2855720673,
			"times_submitted": 0,
			"authentihash": "<string>",
			"size": 5433140,
			"ssdeep": "<string>",
			"names": [
				"<string>",
				"<string>"
			],
			"last_modification_date": 2098773642,
			"vhash": "<string>",
			"type_extension": "<string>",
			"trid": [
				{
					"file_type": "<string>",
					"probability": 67
				},
				{
					"file_type": "<string>",
					"probability": 18
				}
			],
			"crowdsourced_yara_results": [
				{
					"ruleset_id": "<string>",
					"ruleset_name": "<string>",
					"rule_name": "<string>",
					"match_date": 2045274062,
					"description": "<string>",
					"author": "<string>",
					"ruleset_version": "<string>",
					"source": "<string>"
				}
			],
			"pe_info": {
				"timestamp": 1975076101,
				"imphash": "<string>",
				"machine_type": 272,
				"entry_point": 1174229,
				"resource_details": [
					{
						"lang": "<string>",
						"chi2": 1190,
						"filetype": "<string>",
						"entropy": 11,
						"sha256": "<string>",
						"type": "<string>"
					},
					{
						"lang": "<string>",
						"chi2": 1224,
						"filetype": "<string>",
						"entropy": 3,
						"sha256": "<string>",
						"type": "<string>"
					}
				],
				"resource_langs": {
					"ENGLISH US": 17,
					"ENGLISH ARABIC QATAR": 7
				},
				"resource_types": {
					"RT_DIALOG": 1,
					"RT_ICON": 12,
					"TYPELIB": 1,
					"RT_MESSAGETABLE": 2,
					"Struct(240)": 1,
					"RT_MANIFEST": 2,
					"RT_STRING": 7,
					"RT_RCDATA": 4,
					"RT_BITMAP": 5,
					"RT_VERSION": 2,
					"PNG": 3,
					"RT_GROUP_ICON": 1
				},
				"overlay": {
					"chi2": 11065,
					"filetype": "<string>",
					"entropy": 12,
					"offset": 5273970,
					"md5": "<string>",
					"size": 16695
				},
				"sections": [
					{
						"name": "<string>",
						"chi2": 27583337,
						"virtual_address": 6732,
						"entropy": 3,
						"raw_size": 1848345,
						"flags": "<string>",
						"virtual_size": 158524,
						"md5": "<string>"
					},
					{
						"name": "<string>",
						"chi2": 63179582,
						"virtual_address": 705301,
						"entropy": 4,
						"raw_size": 735329,
						"flags": "<string>",
						"virtual_size": 119864,
						"md5": "<string>"
					}
				],
				"exports": [
					"<string>",
					"<string>"
				],
				"compiler_product_versions": [
					"<string>",
					"<string>"
				],
				"rich_pe_header_hash": "<string>",
				"import_list": [
					{
						"library_name": "<string>",
						"imported_functions": [
							"<string>",
							"<string>"
						]
					},
					{
						"library_name": "<string>",
						"imported_functions": [
							"<string>",
							"<string>"
						]
					}
				]
			},
			"detectiteasy": {
				"filetype": "<string>",
				"values": [
					{
						"info": "<string>",
						"version": "<string>",
						"type": "<string>",
						"name": "<string>"
					},
					{
						"info": "<string>",
						"version": "<string>",
						"type": "<string>",
						"name": "<string>"
					}
				]
			},
			"creation_date": 2356997577,
			"reputation": 2,
			"meaningful_name": "<string>",
			"filecondis": {
				"raw_md5": "<string>",
				"dhash": "<string>"
			},
			"type_tags": [
				"<string>",
				"<string>"
			],
			"last_analysis_results": {
				"Bkav": {
					"method": "<string>",
					"engine_name": "<string>",
					"engine_version": "<string>",
					"engine_update": "20221116",
					"category": "<string>",
					"result": null
				},
				"Avast-Mobile": {
					"method": "<string>",
					"engine_name": "<string>",
					"engine_version": "<string>",
					"engine_update": "20250401",
					"category": "<string>",
					"result": null
				}
			},
			"tags": [
				"<string>",
				"<string>"
			],
			"last_submission_date": 1225342710,
			"last_analysis_stats": {
				"malicious": 2,
				"suspicious": 2,
				"undetected": 38,
				"harmless": 2,
				"timeout": 2,
				"confirmed-timeout": 0,
				"failure": 2,
				"type-unsupported": 4
			},
			"magika": "<string>",
			"md5": "<string>",
			"type_description": "<string>",
			"sha256": "<string>",
			"unique_sources": 5,
			"signature_info": {
				"product": "<string>",
				"verified": "<string>",
				"description": "<string>",
				"file version": "<string>",
				"signing date": "20221116",
				"x509": [
					{
						"valid usage": "<string>",
						"thumbprint_sha256": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"thumbprint_md5": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					},
					{
						"valid usage": "<string>",
						"thumbprint_sha256": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"thumbprint_md5": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					}
				],
				"original name": "<string>",
				"signers": "<string>",
				"counter signers details": [
					{
						"status": "<string>",
						"valid usage": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					},
					{
						"status": "<string>",
						"valid usage": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					}
				],
				"counter signers": "<string>",
				"copyright": "<string>",
				"signers details": [
					{
						"status": "<string>",
						"valid usage": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					},
					{
						"status": "<string>",
						"valid usage": "<string>",
						"name": "<string>",
						"algorithm": "<string>",
						"valid from": "<string>",
						"valid to": "<string>",
						"serial number": "<string>",
						"cert issuer": "<string>",
						"thumbprint": "<string>"
					}
				],
				"pkcs7": {
					"opusinfo": [
						{
							"moreInfo": "<string>",
							"programName": "<string>"
						}
					]
				}
			},
			"tlsh": "<string>",
			"magic": "<string>"
		}
	}
}

Workflow Library Example

Get File Report with Virustotal and Send Results Via Email

Preview this Workflow on desktop