VirusTotal Public API
By Maltego Technologies

VirusTotal Public API Transforms for Maltego
VirusTotal is a service that analyzes files and URLs for viruses, worms, trojans, and other kinds of malicious content.
It provides as a free service a public API that allows for automation of some of its online features such as upload and scan files, submit and scan URLs, access finished scan reports, and make automatic comments on URLs and samples.
With Maltego Transforms, investigators can query the VirusTotal Public API for information about IP Addresses, Hashes, Domains, and URLs directly within Maltego.
There is also a paid version of VirusTotal that allows customers to examine any file uploaded to the service.
Kindly note that some restrictions apply for requests made through the public API, such as requiring an individual API key freely obtained by signing up online, low priority scan queue, limited number of requests (500 requests per day, and a rate of 4 requests per minute).
Benefits
- Find hashes which have been downloaded from or have communicated with a domain or IP address, or domains and IP addresses which a hash has communicated with
- Visualize actionable Malware IOCs
Typical Users of This Data
- Threat Intelligence Teams

Pricing & Access
Pricing Tier: Free
Get your free API by registering here: https://www.virustotal.com/gui/join-us
Transform Hub Type: Commercial Hub and Community Hub
Requirements: All Maltego editions and Virus Total Public API key
Access: Install VirusTotal Public API hub item directly from Transform on Maltego Desktop Client and enter API key to ger started.
Contact
Reach out to us to learn more about this data integration and how to access it.
About VirusTotal
VirusTotal was founded in 2004 as a free service that analyzes files and URLs for viruses, worms, trojans and other kinds of malicious content. Virus Total’s goal is to make the internet a safer place through collaboration between members of the antivirus industry, researchers and end users of all kinds. Fortune 500 companies, governments and leading security companies are all part of the VirusTotal community, which has grown to over 500,000 registered users. VirusTotal became part of Google in 2012.
For more information, visit: https://www.virustotal.com/gui/.
