malware_hash {cymruservices}R Documentation

Retrieves malware hash metadata from the Malware Hash Registry

Description

The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. This project differs however, in that you can query the service for a computed MD5 or SHA-1 hash of a file and, if it is malware and the service knows about it, it returns the last time it's seen it along with an approximate anti-virus detection percentage.

Usage

malware_hash(hashes, timeout = getOption("timeout"))

Arguments

hashes

vector of IPv4 address (character - dotted-decimal)

timeout

numeric: the timeout (in seconds) to be used for this connection. Beware that some OSes may treat very large values as zero: however the POSIX standard requires values up to 31 days to be supported.

Value

data frame of BGP Origin ASN lookup results

If a socket connection cannot be made (i.e. a network problem on your end or a service/network problem on their end), all columns will be NA.

Note

Attempting to enumerate the malware registry via the public service interface is not only impractical, it is also strictly prohibited. Contact Team Cymru if the public interface is insufficient for your needs and we may be able to come up with alternative arrangement. Also, A direct connection to TCP Port 43 (WHOIS) is required for most of these API functions to work properly.

See Also

http://www.team-cymru.org/IP-ASN-mapping.html

Examples

## Not run: 
malware_hash(c("1250ac278944a0737707cf40a0fbecd4b5a17c9d",
               "7697561ccbbdd1661c25c86762117613",
               "cbed16069043a0bf3c92fff9a99cccdc",
               "e6dc4f4d5061299bc5e76f5cd8d16610",
               "e1112134b6dcc8bed54e0e34d8ac272795e73d74"))

## End(Not run)

[Package cymruservices version 0.5.0 Index]