This is the documentation for Wazuh 3.2. Check out the docs for the latest version of Wazuh!

What is VirusTotal

VirusTotal is an online service that analyzes files and URLs to detect viruses, worms, trojans and other kinds of malicious content using antivirus engines and website scanners. It also has the ability to detect false positives.

VirusTotal is a free service with numerous useful features. For our purpose, we will highlight the following:

  • VirusTotal stores all of the analyses it performs, which allows the hash of a specific file to be searched. By sending the hash to the VirusTotal engine, you can find out whether that specific file has already been scanned by VirusTotal and, if so, analyze its report.
  • VirusTotal also provides an API that allows access to the information generated by VirusTotal without needing to utilize the HTML website interface. This API is subject to its Terms of Service which are briefly discussed in the following section.
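
The hash lookup described above, as an added example that is not part of the original documentation or of Wazuh's own code. It assumes the VirusTotal public API v2 file-report endpoint and its `response_code`, `positives` and `total` fields, which this page does not name. The sample reports are constructed, and the HTTP request itself is left out so the code runs offline.

```python
import hashlib
import io
import re

# Assumption: VirusTotal public API v2 file-report endpoint; it is not named on this page.
VT_REPORT_URL = "https://www.virustotal.com/vtapi/v2/file/report"
_HASH_RE = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")


def hash_stream(stream, chunk_size=65536):
    """Return the SHA-256 hex digest of a binary stream, read in chunks."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def build_query(api_key, file_hash):
    """Build the request parameters; only the hash leaves the host, never the file."""
    file_hash = file_hash.strip().lower()
    if not _HASH_RE.match(file_hash):
        raise ValueError("resource must be an MD5, SHA-1 or SHA-256 hex digest")
    return {"apikey": api_key, "resource": file_hash}


def interpret_report(report):
    """Map a v2 file report (parsed JSON) to a short triage verdict."""
    code = report.get("response_code")
    if code == 0:
        return "unknown"            # hash has no stored analysis
    if code == -2:
        return "queued"             # analysis still pending
    if code != 1:
        raise ValueError(f"unexpected response_code: {code!r}")
    positives, total = report["positives"], report["total"]
    return f"flagged {positives}/{total}" if positives else f"no detections 0/{total}"


# Constructed sample reports (not real VirusTotal output).
SAMPLE_KNOWN = {"response_code": 1, "positives": 3, "total": 60}
SAMPLE_UNKNOWN = {"response_code": 0, "verbose_msg": "constructed: not in dataset"}

if __name__ == "__main__":
    h = hash_stream(io.BytesIO(b"constructed sample file contents\n"))
    print(build_query("YOUR_API_KEY", h))
    print(interpret_report(SAMPLE_KNOWN), "|", interpret_report(SAMPLE_UNKNOWN))
```

An "unknown" result only means VirusTotal has no stored analysis for that hash; it says nothing about whether the file is safe.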