Get VirusTotal Report using PowerShell


VirusTotal is a free virus, malware and URL online scanning service. File checking is done with more than 50 antivirus solutions.

Using this script you can query VirusTotal service from PowerShell using a file name or by hash, and get a detailed report about the file.

Written by Moti Bani - mobani@microsoft.com - (http://blogs.technet.com/b/motiba/) with script portions copied from http://psvirustotal.codeplex.com
Reviewed and edited by Martin Schvartzman
Sign up to VirusTotal Community to get API Key - https://www.virustotal.com/en/documentation/public-api

Examples:

Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -FilePath C:\temp\sys\procexp.exe

Get-VirusTotalReport -VTApiKey YourAPIKey_1234567890 -Hash be677bd5fb580ed1acf47777b34b19597feeea07d1ee90646ffa310e58232cbb

 

Comments (4)

  1. Alsa says:

    This is Alsa, phD student. I found the script very useful in my research .But unfortunately I couldnt run it.
    I put the “Sample-Hashes.txt” file and the “VirusTotal.ps1” and “VirusTotal.psm1” programs in the same directory.I ran inside the powershell development interface.In windows 10 I gave the right mouse button in the program “VirusTotal.ps1” and clicked edit then opened.
    Get-VTReport -VTApiKey c2ec8..myAPIKey -file Sample-Hashes.txt.I am badly stuck. Could you please help me to sort it out.

    I am looking forward to hearing from you.
    Thanks and kind regards,
    Alsa

    1. Moti Bani says:

      Hi Alsa,
      what is the error code?

  2. Francis says:

    Hi,
    thanks for your code. Quick question, how do you scan multiple hashes at a time using the public api as it only takes 4 requests per minute?

    Thanks
    Francis

  3. Hobo says:

    Can you search an ip or URL with this? If not, can you show how to add that function?

Skip to main content