Package modules :: Package processing :: Module virustotal :: Class VirusTotal
[hide private]
[frames] | no frames]

Class VirusTotal

source code

                            object --+    
                                     |    
lib.cuckoo.common.abstracts.Processing --+
                                         |
                                        VirusTotal

Gets antivirus signatures from VirusTotal.com for various results.

Currently obtains VirusTotal results for the target sample or URL and the dropped files.

Instance Methods [hide private]
 
run(self)
Runs VirusTotal processing
source code
 
scan_file(self, filepath, summary=False)
Retrieve VirusTotal results for a file.
source code
 
scan_url(self, url, summary=False)
Retrieve VirusTotal results for a URL.
source code
 
should_scan_file(self, filetype)
Determines whether a certain filetype should be scanned on VirusTotal.
source code

Inherited from lib.cuckoo.common.abstracts.Processing: __init__, set_baseline, set_options, set_path, set_results, set_task

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Class Variables [hide private]
  order = 2

Inherited from lib.cuckoo.common.abstracts.Processing: enabled

Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

run(self)

source code 

Runs VirusTotal processing

Returns:
full VirusTotal report.
Raises:
  • NotImplementedError - this method is abstract.
Overrides: lib.cuckoo.common.abstracts.Processing.run

scan_file(self, filepath, summary=False)

source code 

Retrieve VirusTotal results for a file.

Parameters:
  • filepath - file path
  • summary - if you want a summary report

scan_url(self, url, summary=False)

source code 

Retrieve VirusTotal results for a URL.

Parameters:
  • url - URL
  • summary - if you want a summary report

should_scan_file(self, filetype)

source code 

Determines whether a certain filetype should be scanned on VirusTotal. For example, we're not interested in scanning text files.

Parameters:
  • filetype - file type