cymruservices (version 0.5.0)

malware_hash: Retrieves malware hash metadata from the Malware Hash Registry

Description

The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. It differs, however, in that you query the service with a computed MD5 or SHA-1 hash of a file and, if the file is malware and the service knows about it, the service returns the last time it saw the file along with an approximate anti-virus detection percentage.

Usage

malware_hash(hashes, timeout = getOption("timeout"))

Arguments

hashes

character vector of MD5 or SHA-1 file hashes

timeout

numeric: the timeout (in seconds) to be used for this connection. Beware that some OSes may treat very large values as zero: however the POSIX standard requires values up to 31 days to be supported.

Value

data frame of Malware Hash Registry lookup results

  • sha1_md5 - hash queried for

  • last_known_timestamp - last known GMT timestamp associated with that hash

  • detection_pct - detection percentage across a mix of AV packages

If a socket connection cannot be made (i.e. a network problem on your end or a service/network problem on their end), all columns will be NA.

See Also

http://www.team-cymru.org/IP-ASN-mapping.html

Examples

# NOT RUN {
malware_hash(c("1250ac278944a0737707cf40a0fbecd4b5a17c9d",
               "7697561ccbbdd1661c25c86762117613",
               "cbed16069043a0bf3c92fff9a99cccdc",
               "e6dc4f4d5061299bc5e76f5cd8d16610",
               "e1112134b6dcc8bed54e0e34d8ac272795e73d74"))
# }
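
An added example, not taken from the cymruservices package or its documentation: a wrapper that validates the hashes before querying and keeps the documented all-NA connection failure apart from hashes that return no data. `triage_hashes`, `stub_lookup`, `min_pct`, the verdict labels and the stub's values are hypothetical; that an unknown hash comes back with NA in detection_pct is an assumption.

```r
# `lookup` is injectable so the logic can be exercised offline with a stub;
# by default it calls the real cymruservices::malware_hash().
triage_hashes <- function(hashes, lookup = cymruservices::malware_hash,
                          timeout = 10, min_pct = 50) {
  h <- unique(tolower(trimws(as.character(hashes))))
  # MD5 is 32 hex characters, SHA-1 is 40; anything else is never sent
  ok <- grepl("^([0-9a-f]{32}|[0-9a-f]{40})$", h)
  if (any(!ok)) {
    warning("skipping malformed hashes: ", paste(h[!ok], collapse = ", "))
  }
  h <- h[ok]
  if (length(h) == 0) return(NULL)

  res <- lookup(h, timeout = timeout)

  # Documented failure mode: every column NA means the socket connection
  # failed, which says nothing about whether the files are malicious.
  if (all(is.na(res))) {
    stop("MHR lookup failed (network or service problem); result is inconclusive")
  }

  res$detection_pct <- suppressWarnings(as.numeric(as.character(res$detection_pct)))
  # Assumption: a hash the registry does not know has NA in detection_pct.
  # Treat that as "unknown", never as "clean".
  res$verdict <- ifelse(is.na(res$detection_pct), "unknown",
                 ifelse(res$detection_pct >= min_pct, "listed-high", "listed-low"))
  res
}

# Constructed stub standing in for the live service (all values are made up).
stub_lookup <- function(hashes, timeout) {
  data.frame(sha1_md5 = hashes,
             last_known_timestamp = c("2024-01-01 00:00:00", NA)[seq_along(hashes)],
             detection_pct = c(86, NA)[seq_along(hashes)],
             stringsAsFactors = FALSE)
}

# Constructed inputs: one MD5-length value, one SHA-1-length value, one invalid
out <- triage_hashes(c(strrep("A", 32), strrep("b", 40), "not-a-hash"),
                     lookup = stub_lookup)
print(out[, c("sha1_md5", "detection_pct", "verdict")])
```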
