> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Scan File

Scans a file and returns the analysis.

If the file is uploaded to a URL, it is preferred that you use the `Scan URL` action instead.

*Note:*: If the analysis is taking too long, this action may return it in a queued state.
You can use the `Get Analysis` action to retrieve it's completed result later or increase the step timeout.

<Note>
  External Documentation

  To learn more, visit the [VirusTotal documentation](https://virustotal.readme.io/reference/private-files-api).
</Note>

## Parameters

<div className="integrations-table">
  | Parameter       | Description                                                                                        |
  | --------------- | -------------------------------------------------------------------------------------------------- |
  | File Data       | Contents of the file to upload.                                                                    |
  | File Hash       | The SHA-256, SHA-1 or MD5 identifying the file.                                                    |
  | File Identifier | The identifier of the file. You can create a file identifier using the `Set File Variable` action. |
  | Scan Type       | The type of scan you would like to perform.                                                        |
  | Time Interval   | The duration (seconds) between analysis checks.                                                    |
</div>

## Example Output

```json theme={"dark"}
{
	"data": {
		"id": "mock_analysis_id_12345",
		"type": "analysis",
		"links": {
			"self": "https://www.virustotal.com/v3/analyses/mock_analysis_id_12345",
			"item": "https://www.virustotal.com/v3/files/mock_file_hash_abcdef123456"
		},
		"attributes": {
			"date": 1672531200,
			"stats": {
				"malicious": 0,
				"suspicious": 1,
				"undetected": 58,
				"harmless": 2,
				"timeout": 0,
				"confirmed-timeout": 0,
				"failure": 1,
				"type-unsupported": 10
			},
			"status": "completed",
			"results": {
				"MockAV": {
					"method": "signature",
					"engine_name": "MockAV",
					"engine_version": "3.1.2",
					"engine_update": "20240801",
					"category": "undetected",
					"result": null
				},
				"ExampleScanner": {
					"method": "heuristic",
					"engine_name": "ExampleScanner",
					"engine_version": "1.5.7",
					"engine_update": "20240805",
					"category": "suspicious",
					"result": "PUA.Generic.Suspicious"
				},
				"TestEngine": {
					"method": "behavioral",
					"engine_name": "TestEngine",
					"engine_version": "2.8.1",
					"engine_update": "20240804",
					"category": "harmless",
					"result": null
				}
			}
		}
	},
	"meta": {
		"file_info": {
			"sha256": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
			"md5": "12345678901234567890123456789012",
			"sha1": "1234567890123456789012345678901234567890",
			"size": 1024
		}
	}
}
```

## Workflow Library Example

[Detect and Respond to Gmail Email Phishing](https://library.blinkops.com/workflows/detect-and-respond-to-gmail-email-phishing)

<div className="iframe-wrapper">
  <div className="iframe-media">
    <img src="https://mintcdn.com/blinkops-2/ojHYuDeYX5FWuN8a/img/Icons/play-box.svg?fit=max&auto=format&n=ojHYuDeYX5FWuN8a&q=85&s=b8af968e71438a9499c3223c9bd29fb2" alt="Workflow Library" width="16" height="16" data-path="img/Icons/play-box.svg" />

    Preview this Workflow on desktop
  </div>

  <iframe className="iframe" src="https://library.blinkops.com/workflows/detect-and-respond-to-gmail-email-phishing/canvas" />
</div>
