Didier Stevens

Saturday 28 November 2015

Update: virustotal-search.py Version 0.1.3

Filed under: My Software,Update — Didier Stevens @ 9:29

A small update: I added option -s (separator) so that you can choose your CSV separator.

virustotal-search_V0_1_3.zip (https)
MD5: 6D93F6CCE56AA74C830D66F9AE2E88C0
SHA256: 09D3BA6BCE1A69E8292AD0D44FB216FBCBF5686EA3C64DCD5FC877E91D4141F4

9 Comments »

  1. […] Update: virustotal-search.py Version 0.1.3 […]

    Pingback by Overview of Content Published In November | Didier Stevens — Friday 11 December 2015 @ 0:01

  2. hi!
    i keep getting the below error.

    Search Term Requested Response
    (the value within h.txt) Error VTHTTPReportRequest 0

    command callout:
    python searchvt.py h.txt -o output1.csv

    Saved a test hash value into text format called h.txt
    Reinstalled python and used the attached version but produced the same error.

    Comment by Ryan — Friday 22 January 2016 @ 5:38

  3. @ryan can you use the latest version of my tool (this is an old version). and what is the hash and python version?

    Comment by Didier Stevens — Friday 22 January 2016 @ 9:30

  4. I am getting this error also. “Error VTHTTPReportRequest” I have reinstalled both Python and the latest script and I get the same thing.

    Comment by Anonymous — Wednesday 4 May 2016 @ 22:08

  5. what version of Python are you using?

    Comment by Didier Stevens — Wednesday 4 May 2016 @ 22:10

  6. I am using python-2.7.11.

    Comment by Anonymous — Wednesday 4 May 2016 @ 22:11

  7. On 2.7.11 you can get this error when you use a wrong API key.

    Comment by Didier Stevens — Thursday 5 May 2016 @ 11:47

  8. I have now isolated the issue as I just tried on another system and it works fine. Thanks!

    Comment by Anonymous — Friday 6 May 2016 @ 15:05

  9. I have problem searching this hash 0528107b752bce4934a6a939f27a459bc577aa057c9f50c2aa5bc78559b359ca

    Appreciate if you can check the problem. Thank you

    it will produce following error:

    0528107b752bce4934a6a939f27a459bc577aa057c9f50c2aa5bc78559b359ca,,1,1,2016-04-22 19:17:16,23,56,https://www.virustotal.com/file/0528107b752bce4934a6a939f27a459bc577aa057c9f50c2aa5bc78559b359ca/analysis/1461352636/,ALYac#Backdoor.Linux.Dofloo.B#20160422#1.0.1.9,AVG#Linux/MrBlack.H#20160422#16.0.0.4556,Ad-Aware#Backdoor.Linux.Dofloo.B#20160422#3.0.2.1015,AhnLab-V3#Linux/Dofloo.5100983#20160422#2016.04.23.00,Arcabit#Backdoor.Linux.Dofloo.B#20160422#1.0.0.672,Avast#ELF:Aesddos-G [Trj]#20160422#8.0.1489.320,BitDefender#Backdoor.Linux.Dofloo.B#20160422#7.2,CAT-QuickHeal#Linux.Mayday.g595#20160422#14.00,DrWeb#Linux.Mrblack.13#20160422#7.0.18.3140,ESET-NOD32#Linux/Dofloo.A#20160422#13377,Emsisoft#Backdoor.Linux.Dofloo.B (B)#20160422#3.5.0.656,F-Secure#Backdoor.Linux.Dofloo.B#20160422#11.0.19100.45,Fortinet#ELF/Flooder.B!tr#20160422#5.1.220.0,GData#Backdoor.Linux.Dofloo.B#20160422#25,Ikarus#Backdoor.Linux.Dofloo#20160422#T3.2.0.9.0,Jiangmin#y5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5ޫy5#20160422#16.0.100,Kaspersky#Backdoor.Linux.Dofloo.a#20160422#15.0.1.13,MicroWorld-eScan#Backdoor.Linux.Dofloo.B#20160422#12.0.250.0,NANO-Antivirus#Trojan.Unix.Dofloo.dsmwpt#20160422#1.0.30.8000,Rising#ELF:Trojan.DDoS-Dofloo/Linux!1.A4D8 [F]#20160422#25.0.0.18,Sophos#Linux/DDoS-BE#20160422#4.98.0,Zillya#Backdoor.Dofloo.Linux.1#20160422#2.0.0.2807,nProtect#Backdoor.Linux.Dofloo.B#20160422#2016-04-22.01,
    Traceback (most recent call last):
    File “virustotal-search.py”, line 512, in
    Main()
    File “virustotal-search.py”, line 509, in Main
    VirusTotalSearch(args[0], options)
    File “virustotal-search.py”, line 455, in VirusTotalSearch
    statuscode = GetReports(searchTermsToRequest[0:4], reports, options.comment, dNotFound)
    File “virustotal-search.py”, line 281, in GetReports
    LogResult(searchTermComments[iIter][0], searchTermComments[iIter][1], oResults[iIter], True, withComment)
    File “virustotal-search.py”, line 235, in LogResult
    oLogger.PrintAndLog(formats, parameters)
    File “virustotal-search.py”, line 175, in PrintAndLog
    f.write(line + ‘\n’)
    UnicodeEncodeError: ‘ascii’ codec can’t encode character u’\u07ab’ in position 948: ordinal not in range(128)

    Comment by azhar — Thursday 12 May 2016 @ 7:48


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: