Skip to content

dimitrop/VirusTotalBridge

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

These Python scripts were created to automatically check if multiple apks are malicious by uploading them on the VirusTotal website.This requires two steps: 1) upload them (upload_apks.py), and 2) check the reports (retrieve_reports.py).

To upload the apks the former script requires a csv that contains the names of the apks together with their MD5s (VirusTotal identifies apks through their MD5). In our case it's md5sums.csv --- hardcoded (doh! :-P). You also need to have the apks in the same directory. The same csv can be used to retrieve the results by the latter script.

In addition, to perform massive requests from VirusTotal you need to register and get a Publik API key which you must provide as an argument in all the scripts.

The script "check_apk.py" can be used to check the results for one given apk. Usage:

check_apk.py vercoop.bautifulch.app-116.apk your_API_key

Note that VirusTotal does not accept upload requests (via its Public API) for large apks (> 32 MB). In such cases we register which files were not uploaded in another .csv file (large_ones_not_up.csv).

Finally, we use the formdata script that encodes multipart form data to upload files via POST requests, and it was obtaind from here.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages