Virus Total API V3

The Virus Total V3 Connector app allows security teams to integrate with the Virus Total V3 enterprise app to inspect items with over 70 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract signals from the studied content.

Supported Actions and Example Prompts

The following table lists the supported actions and prompt examples for an action:

Action	Description	Prompt Example
Get an analysis report	This action obtains details from the analysis report. For more information, see Action: Get an Analysis Report.	Get the report of the analysis bef83dd8-7299-4ac7-8ae5-2b52d691abd6 from Virus Total V3.
Get domain details	This action obtains domain details. For more information, see Action: Get Domain Details.	Get the details of the domain www.sample.com.
Get IP address details	This action retrieves the IP address details. For more information, see Action: Get IP Address Details.	Get the details of the IP address 8.8.8.8.
Get URL details	This action retrieves the URL details. For more information, see Action: Get URL Details.	Get the details of the URL http://www.abcd.com/index.html.
Submit a URL for analysis	This action submits a URL for report analysis. For more information, see Action: Submit a URL for Analysis.	Submit the URL http://www.abcd.com/index.html for analysis.

Install and Configure the App

Install and configure the required apps to enable Quarterback AI to perform various security-related tasks and provide relevant responses. After installing an app, you must create an instance that will be used to communicate with the app endpoints. An app can have multiple instances, and you can set a default instance from the configured instance list.

Before you Start

Ensure that you have the API token to authenticate with the Virus Total V3 app.

Steps:

To install and configure an app, follow these steps:

Go to the application, in the left pane, select Quarterback AI.
In Apps, select Virus Total V3 and click Install.
After the app is installed, click Configure and enter the following details to create an instance:
- Instance Name: Enter a name for the instance.
- Instance Description: Enter a description for the instance.
- Expiry: Select an expiry date for the instance.
- Set as default instance: Select this option to set this instance as the default instance. By default, this instance will be used to perform actions from this app.
- API Key: Enter the API key. For example, "0imfnc8mVLWwsAawjYr4Rx-Af50DDqtlx".
- Verify: Select this option to verify SSL while making requests. It is recommended to select this option to ensure a secure connection. By default, this option is not selected.
- Timeout: Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Virus Total V3. You can enter values between 15 - 120 seconds. By default, 15 seconds is set.
Click Done.

The instance is created, and you can view it in Instances. To create another instance, click Add Instance.

Action: Get an Analysis Report

This action obtains details from the analysis report.

Action Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
Analysis ID	Enter the analysis ID. Example: "bef83dd8-7299-4ac7-8ae5-2b52d691abd6"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

Analysis ID

Enter the analysis ID.

Example:

"bef83dd8-7299-4ac7-8ae5-2b52d691abd6"

Text

Required

Example Request

[
   {
      "analysis_id"": "bef83dd8-7299-4ac7-8ae5-2b52d691abd6"
   }
]

Action: Get Domain Details

This action obtains domain details.

Action Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
Domain name	Enter the domain name. Example: "www.abcd.com"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

Domain name

Enter the domain name.

Example:

"www.abcd.com"

Text

Required

Action: Get IP Address Details

This action retrieves the IP address details.

Action Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
IP address	Enter the IP address. Example: 8.8.8.8	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

IP address

Enter the IP address.

Example:

8.8.8.8

Text

Required

Action: Get URL Details

This action retrieves the URL details.

Action Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
URL	Enter the URL. Example: "http://www.abcd.com/index.html"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

URL

Enter the URL.

Example:

"http://www.abcd.com/index.html"

Text

Required

Action: Submit a URL for Analysis

This action submits a URL for report analysis.

Action Input Parameters

Parameter	Description	Field Type	Required/Optional	Comments
URL	Enter the URL. Example: "http://www.abcd.com/index.html"	Text	Required

Parameter

Description

Field Type

Required/Optional

Comments

URL

Enter the URL.

Example:

"http://www.abcd.com/index.html"

Text

Required

Quarterback AI

Virus Total API V3

Install and Configure the App

Action: Get an Analysis Report

Action: Get Domain Details

Action: Get IP Address Details

Action: Get URL Details

Action: Submit a URL for Analysis

Search results