Wikipedia

VirusTotal

VirusTotal is a website created by the Spanish security company Hispasec Sistemas. Launched in June 2004, it was acquired by Google in September 2012.[1][2] The company's ownership switched in January 2018 to Chronicle, a subsidiary of Google.

VirusTotal
Type of site: Internet security, file and URL analyzer
Available in: Arabic, Bulgarian, Chinese, Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, English (US), English (GB), Estonian, Filipino, Finnish, French, German, Greek, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, Korean, Latvian, Lithuanian, Malay, Norwegian, Persian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian, Vietnamese
Headquarters: Dublin, Ireland
Area served: Worldwide
Created by: Hispasec Sistemas
General manager: Bernardo Quintero
Key people: Bernardo Quintero, Emiliano Martínez, Víctor Manuel Álvarez, Karl Hiramoto, Julio Canto, Alejandro Bermúdez, Juan A. Infantes
Parent: Google LLC (2012–2018); Chronicle (2018–present)
URL: www.virustotal.com
Commercial: No
Registration: Optional
Launched: June 2004; 19 years ago (2004-06)
Current status: Active

VirusTotal aggregates many antivirus products and online scan engines[3][4] called Contributors.[5] In November 2018, the Cyber National Mission Force, a unit subordinate to the U.S. Cyber Command, became a Contributor.[6] The aggregated data from these Contributors allows a user to check for viruses that the user's own antivirus software may have missed, or to verify against any false positives.[7] Files up to 650 MB can be uploaded to the website, or sent via email (max. 32 MB). Anti-virus software vendors can receive copies of files that were flagged by other scans but passed by their own engine, to help improve their software and, by extension, VirusTotal's own capability. Users can also scan suspect URLs and search through the VirusTotal dataset. VirusTotal uses the Cuckoo sandbox for dynamic analysis of malware.[8] VirusTotal was selected by PC World as one of the best 100 products of 2007.[9]

Products and services

Windows Uploader

VirusTotal's Windows Uploader[10] is a discontinued desktop application which integrates into File Explorer's context menu, under Send To > VirusTotal. The application also launches manually for submitting a URL or a program that is currently running in the OS.

VirusTotal stores the name and various hashes for each scanned file. Already scanned files can be identified by their known (e.g., VT default) SHA256 hash without uploading complete files. The SHA256 query URL has the form https://www.virustotal.com/latest-scan/SHA256. File uploads are normally limited to 128 MB.[11] In 2017 VirusTotal discontinued the Windows Uploader, listing the third party VirusTotalUploader program as an alternative.[12]
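The hash lookup described above lets a user check whether a file is already known without sending its contents, which matters given the sharing described under Privacy. The sketch below is an added example, not VirusTotal's or the article's code: it hashes a file locally, builds the lookup URL in the form quoted above, and lists which of the article's stated size limits the file fits. The function names, the channel labels and the reading of MB as 1024 × 1024 bytes are assumptions, and nothing is sent over the network.

```python
import hashlib
import io
import sys

# URL form quoted in the article; the digest replaces the trailing "SHA256".
LOOKUP_URL = "https://www.virustotal.com/latest-scan/{sha256}"

# Size limits as stated in the article. Treating 1 MB as 1024 * 1024 bytes
# and the channel labels themselves are assumptions of this example.
MB = 1024 * 1024
LIMITS = {"website": 650 * MB, "uploader": 128 * MB, "email": 32 * MB}


def sha256_stream(stream, chunk_size=1 << 20):
    """Hash a binary stream in chunks; return (hex digest, bytes read)."""
    digest = hashlib.sha256()
    total = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        digest.update(chunk)
        total += len(chunk)
    return digest.hexdigest(), total


def lookup_url(sha256_hex):
    """Build the hash-lookup URL; reject anything that is not a SHA-256 hex digest."""
    value = sha256_hex.strip().lower()
    if len(value) != 64 or any(c not in "0123456789abcdef" for c in value):
        raise ValueError("not a SHA-256 hex digest")
    return LOOKUP_URL.format(sha256=value)


def triage(stream):
    """Hash-first check: the lookup URL plus the channels whose limit the file fits."""
    digest, size = sha256_stream(stream)
    return {
        "sha256": digest,
        "size": size,
        "lookup_url": lookup_url(digest),
        "channels_within_limit": sorted(
            name for name, limit in LIMITS.items() if size <= limit
        ),
    }


if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, triage(fh))
    else:
        # Constructed in-memory sample so the script runs with no arguments.
        print(triage(io.BytesIO(b"constructed sample bytes")))
```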

Uploader for Mac OS X and Linux

The Mac OS X and Linux uploaders are similar to the Windows app. One can upload a file via the app's UI or context menu and will be given back a result. The Mac OS X app can be downloaded from the VirusTotal website. To use the app on Linux, one needs to compile and build the app using the same core used in the Mac OS X application (provided in the repository).[12]

VirusTotal for Browsers

There are several browser extensions available, such as VT4Browsers for Mozilla Firefox and Google Chrome, and vtExplorer for Internet Explorer.[13] They allow the user to download files directly through VirusTotal's web application before storing them on the computer, as well as to scan URLs.[14]

VirusTotal for Mobile

The service also offers an Android app,[15] which uses the public API to look up each installed application among those VirusTotal has previously scanned and show its status. Any application not previously scanned can be submitted, but an API key must be provided and other restrictions on public API usage may apply (see Public API).

Public API

VirusTotal provides a public API as a free service. It provides automation for some of its online features such as "upload and scan files, submit and scan URLs, access finished scan reports and make automatic comments on URLs and samples". Some restrictions apply to requests made through the public API, such as the need for an individual API key (obtained free of charge by signing up online), a low-priority scan queue, a limited number of requests per time frame, etc.[16]

Antivirus products

Antivirus engines used to scan uploaded files.[17]

Website/domain scanning engines and datasets

Antivirus scanning engines used for URL scanning.[17]

  • ADMINUSLabs (ADMINUSLABS)
  • AegisLab WebGuard (AegisLab)
  • Alexa (Amazon)
  • AlienVault (AlienVault)
  • Antiy-AVL (Antiy Labs)
  • AutoShun (RiskAnalytics)
  • Avira Checkurl (Avira)
  • Baidu (Baidu-International)
  • BitDefender
  • CRDF (CRDF FRANCE)
  • C-SIRT (Cyscon SIRT)
  • CLEAN MX
  • Comodo Site Inspector (Comodo Group)
  • CyberCrime (Xylitol)
  • Dr.Web Link Scanner (Dr.Web)
  • Emsisoft (Emsi Software GmbH)
  • ESET
  • FortiGuard Web Filtering (Fortinet)
  • G Data
  • Google Safe Browsing (Google)
  • Kaspersky URL advisor (Kaspersky Lab)
  • Malc0de Database (Malc0de)
  • Malekal (Malekal's MalwareDB)
  • Malwarebytes hpHosts (Malwarebytes)
  • Malwared (Malwared.malwaremustdie.org)
  • Malware Domain Blocklist (DNS-BH - Malware Domain Blocklist)
  • Malware Domain List (Malware Domain List)
  • MalwarePatrol (MalwarePatrol)
  • Malwares.com (Saint Security)
  • Netcraft
  • Opera
  • Palevo Tracker (Abuse.ch)
  • ParetoLogic URL Clearing House (ParetoLogic)
  • PhishFort
  • Phishtank (OpenDNS)
  • Quttera (Quttera Ltd.)
  • SCUMWARE (Scumware.org)
  • SecureBrain (SecureBrain)
  • Sophos
  • SpyEye Tracker (Abuse.ch)
  • StopBadware (StopBadware)
  • Sucuri SiteCheck (Sucuri)
  • ThreatHive (The Malwarelab)
  • Trend Micro Site Safety Center (Trend Micro)
  • urlQuery (urlQuery.net)
  • VX Vault
  • Websense ThreatSeeker (Websense)
  • Webutation
  • Wepawet (iseclab.org)
  • Yandex Safe Browsing (Yandex)
  • ZCloudsec (Zcloudsec)
  • ZDB Zeus
  • ZeuS Tracker (Abuse.ch)
  • Zvelo

File characterization tools & datasets

Utilities used to provide additional info on uploaded files.[17]

  • Androguard (Anthony Desnos)
  • Cuckoo Sandbox (Claudio Guarnieri)
  • ExifTool (Phil Harvey)
  • Magic descriptor (Linux)
  • NSRL information (NIST's National Software Reference Library)
  • PDFiD (Didier Stevens)
  • pefile (Ero Carrera)
  • PEiD (Jibz)
  • Sigcheck (Mark Russinovich)
  • Snort (Sourcefire)
  • ssdeep (Jesse Kornblum)
  • Suricata (Open Information Security Foundation)
  • Taggant packer information tool (ReversingLabs)
  • TrID (Marco Pontello)
  • UEFI Firmware parser (Teddy Reed)
  • Wireshark (Wireshark Foundation)
  • Zemana behaviour (Zemana)
  • CarbonBlack (CarbonBlack)

Privacy

Files uploaded to VirusTotal may be shared freely with anti-malware companies and will also be retained in a store. The VirusTotal About Page states under VirusTotal and confidentiality:[18]

Files and URLs sent to VirusTotal will be shared with antivirus vendors and security companies so as to help them in improving their services and products. We do this because we believe it will eventually lead to a safer Internet and better end-user protection. By default any file/URL submitted to VirusTotal which is detected by at least one scanner is freely sent to all those scanners that do not detect the resource. Additionally, all files and URLs enter a private store that may be accessed by premium (mainly security/antimalware companies/organizations) VirusTotal users so as to improve their security products and services.

References

  1. ^ Lardinois, Frederic (7 September 2012). "Google Acquires Online Virus, Malware and URL Scanner VirusTotal". TechCrunch. Retrieved 12 April 2013.
  2. ^ VirusTotal Team (7 September 2012). "An update from VirusTotal". Blog.virustotal.com. Retrieved 3 June 2016.
  3. ^ "Credits & Acknowledgements : About VirusTotal". VirusTotal. Retrieved 6 July 2014.
  4. ^ "Example Report". Virustotal.com. 2 April 2014. Retrieved 3 June 2016.
  5. ^ "Contributors". VirusTotal.
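  6. ^ "New CNMF initiative shares malware samples with cybersecurity industry > U.S. Cyber Command > News". www.cybercom.mil. Archived from the original on 30 September 2020. Retrieved 22 February 2022.
  7. ^ "About VirusTotal". Virustotal.com. Archived from the original on 12 August 2010. Retrieved 3 June 2016.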
  8. ^ "Credits of VirusTotal". Virustotal.com. Retrieved 27 November 2021.
  9. ^ Dahl, Eric (21 May 2007). "The 100 Best Products of 2007". PCWorld. IDG Consumer & SMB. Retrieved 3 June 2016.
  10. ^ "VirusTotal Windows Desktop Application". VirusTotal. Retrieved 16 February 2014.
  11. ^ "What is the maximum file size that can be submitted". FAQ. VirusTotal. Retrieved 20 January 2015.
  12. ^ a b "Desktop Apps". VirusTotal. VirusTotal. Retrieved 24 December 2018.
  13. ^ "VirusTotal". VirusTotal.
  14. ^ "VTzilla: Mozilla Firefox Browser Extension". VirusTotal. Retrieved 23 March 2014.
  15. ^ "VirusTotal for Android". VirusTotal. Retrieved 23 March 2014.
  16. ^ "VirusTotal Public API v2.0". VirusTotal. Retrieved 23 March 2014.
  17. ^ a b c "Credits & Acknowledgements". Virustotal. Virustotal. Retrieved 3 June 2016.
  18. ^ "VirusTotal". support.virustotal.com. Retrieved 24 October 2019.

External links

  • Official website
