The Malware Hash Registry (MHR) project is a look-up service similar to the Team Cymru IP address to ASN mapping project. It differs, however, in that you query the service with a computed MD5 or SHA-1 hash of a file and, if the file is malware and the service knows about it, it returns the time the hash was last seen along with an approximate anti-virus detection percentage.

malware_hash(hashes, timeout = getOption("timeout"))

Arguments

hashes

character vector of MD5 or SHA-1 hashes

timeout

numeric: the timeout (in seconds) to be used for this connection. Beware that some OSes may treat very large values as zero: however the POSIX standard requires values up to 31 days to be supported.

Value

data frame of malware hash lookup results

  • sha1_md5 - hash queried for

  • last_known_timestamp - last known GMT timestamp associated with that hash

  • detection_pct - detection percentage across a mix of AV packages

If a socket connection cannot be made (i.e. a network problem on your end or a service/network problem on their end), all columns will be NA.

Note

Attempting to enumerate the malware registry via the public service interface is not only impractical, it is also strictly prohibited. Contact Team Cymru if the public interface is insufficient for your needs and we may be able to come up with an alternative arrangement. Also, a direct connection to TCP port 43 (WHOIS) is required for most of these API functions to work properly.

Examples

# NOT RUN {
malware_hash(c("1250ac278944a0737707cf40a0fbecd4b5a17c9d",
               "7697561ccbbdd1661c25c86762117613",
               "cbed16069043a0bf3c92fff9a99cccdc",
               "e6dc4f4d5061299bc5e76f5cd8d16610",
               "e1112134b6dcc8bed54e0e34d8ac272795e73d74"))
# }
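
The following is an added example, not part of the package's own code: it normalises a list of hashes before lookup and then triages a result data frame with the columns listed under Value, so that an all-NA row (failed connection) is not mistaken for a clean file. The helpers `clean_hashes()` and `triage_mhr()` are hypothetical, the sample values are constructed, and it assumes a hash unknown to the registry comes back with the hash filled in and the other columns NA.

```r
# Hypothetical helpers (not package API); runs offline on constructed data.

clean_hashes <- function(x) {
  x <- tolower(trimws(as.character(x)))
  # MD5 = 32 hex characters, SHA-1 = 40 hex characters
  ok <- grepl("^([0-9a-f]{32}|[0-9a-f]{40})$", x)
  if (any(!ok)) {
    warning(sum(!ok), " value(s) dropped: not an MD5 or SHA-1 hex digest")
  }
  unique(x[ok])
}

triage_mhr <- function(res, min_pct = 0) {
  # Coerce defensively: the column may arrive as character or factor
  pct <- suppressWarnings(as.numeric(as.character(res$detection_pct)))
  # Every column NA is the documented sign that the socket connection failed
  failed <- is.na(res$sha1_md5) & is.na(res$last_known_timestamp) & is.na(pct)
  res$status <- ifelse(failed, "lookup_failed",
                ifelse(is.na(pct), "not_in_registry",   # assumption, see lead-in
                ifelse(pct >= min_pct, "known_malware", "below_threshold")))
  res
}

# Constructed input: one upper-case MD5, one junk string, one SHA-1
queried <- clean_hashes(c(toupper(strrep("a", 32)), "not-a-hash", strrep("b", 40)))

# Constructed result frame shaped like the documented return value;
# in real use this would be: res <- malware_hash(queried)
res <- data.frame(
  sha1_md5             = c(queried, NA),
  last_known_timestamp = c("2020-01-01 00:00:00", NA, NA),
  detection_pct        = c("80", NA, NA),
  stringsAsFactors     = FALSE
)

print(triage_mhr(res, min_pct = 50))
```

Rows marked `lookup_failed` should be retried later rather than treated as a verdict on the file.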