VirusTotal

This ihandler submits captured malware samples to the VirusTotal service for further analysis.

Configuration

apikey

The VirusTotal API key.

file

SQLite database file used to cache the results.

Example config

ihandlers/virustotal.yaml
# SPDX-FileCopyrightText: none
# SPDX-License-Identifier: CC0-1.0

- name: virustotal
  config:
    # grab it from your virustotal account at My account -> My API Key (https://www.virustotal.com/en/user/<username>/apikey/)
    apikey: "........."
    file: "@DIONAEA_STATEDIR@/vtcache.sqlite"
    # comment: "This sample was captured in the wild and uploaded by the dionaea honeypot.\n#honeypot #malware #networkworm"
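
A pre-flight check for this file, added here as an example (not part of dionaea): it flags an apikey still set to the dotted placeholder, a cache path that still contains an `@...@` token, and a world-readable config file. It assumes the `@DIONAEA_STATEDIR@` token is a template variable that must be replaced with a real path before use; the function names and the line-based parsing are illustrative, not a full YAML parser.

```python
import os
import re
import stat
import tempfile

# Line-based match for `apikey:` / `file:` on uncommented lines (not a full YAML parser).
_KV = re.compile(r'^\s*(apikey|file)\s*:\s*"?([^"#\n]*?)"?\s*(?:#.*)?$')

def check_virustotal_config(path):
    """Return a list of problems found in an ihandlers/virustotal.yaml file."""
    values = {}
    with open(path, encoding="utf-8") as fh:
        for line in fh:
            m = _KV.match(line)
            if m:
                values[m.group(1)] = m.group(2).strip()
    problems = []
    apikey = values.get("apikey", "")
    if not apikey or set(apikey) <= {"."}:
        problems.append("apikey is empty or still the dotted placeholder")
    cache = values.get("file", "")
    if not cache:
        problems.append("file (SQLite cache path) is not set")
    elif re.search(r"@[A-Z_]+@", cache):
        problems.append("file contains an unsubstituted @...@ variable")
    # The API key is a credential; the config should not be readable by "other".
    if os.stat(path).st_mode & stat.S_IROTH:
        problems.append("config file is world-readable")
    return problems

def write_sample(text, mode):  # hypothetical helper: temp file with given mode
    fd, path = tempfile.mkstemp(suffix=".yaml")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path

# Constructed sample: the template from the page, left unedited and mode 0644.
TEMPLATE = '''- name: virustotal
  config:
    apikey: "........."
    file: "@DIONAEA_STATEDIR@/vtcache.sqlite"
'''

if __name__ == "__main__":
    path = write_sample(TEMPLATE, 0o644)
    for problem in check_virustotal_config(path):
        print("WARN:", problem)
    os.remove(path)
```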