Maldatabase API

API provides an easy access method to maldatabase services. It allows you to download the latest content without the need of using a browser, email or any other user interface service. Here you can find documentation and examples about endpoints that will help you building scripts and integrating with your systems.

To access through the API, you will need an API_KEY that will be provided by the Maldatabase team after completing the registration.

API key (example): 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

  Notice

Maldatabase API must not be used in commercial services or for the benefit of a third party business (contact us for partnership offers). The violation of these terms will result in an indefinite suspension of the account.

Feed

get feed

Download feed
GET/download

Download daily feed. (Updated everyday at 1:00 UTC)

GET   https://api.maldatabase.com/download
Request
HideShow
Headers
Authorization: API key
Accept-Encoding: Content is gzip encoded. Use: 'gzip, deflate', ...
Example
curl https://api.maldatabase.com/download -H "Authorization:9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08" --compressed -o feed_file.json
Response  200
HideShow
Values
sha256: SHA256 hash of the sample.
threat_level: Level of the threat. From 0 (no risk identified) to 2 (malicious activity detected).
md5: MD5 hash of the sample.
sha1: SHA1 hash of the sample.
family: Malware family detected for the sample.
size: File size of the sample, in bytes.
type: File type of the sample (EXE, PDF, etc.).
domains: List of domains by the sample.
processes: List of processes executed in the system.
files: List of files dropped in the system.
Example body response (after decoding)
[
 {
  "sha256":"918594b442e18c4f6c51e04256621d907d932b9ab7373fbf9976ddcb3155640d",
  "threat_level":"2",
  "md5":"9ebca10705cc9f3b53918cbe508ac97a",
  "sha1":"dadd19e5b1f916e3c4e17a574257aa3ada0605cb",
  "family":"AZORult",
  "size":"882400",
  "type":"EXE",
  "domains":["www.lootchem.com"],
  "processes":[""],
  "files":["dmcfghost.exe"]
 },
 {
  "sha256":"1f42067b807c94a05690a20c4b6ef9c72f7294bc6fc6e52d7776543ebe2cc8a9",
  "threat_level":"2",
  "md5":"56d9ac47245559b5d688fb808d3841eb",
  "sha1":"2718dfd1bcae2a27e844f3ac48cd21b21a4864b7",
  "family":"njRat",
  "size":"29184",
  "type":"EXE",
  "domains":["www.download.windowsupdate.com","pastebin.com","holydns.warzonedns.com"],
  "processes":["schtasks.exe","wservices.exe","taskhost.exe"],
  "files":["cab3fd6.tmp","tmp1a3a.tmp","tar3f77.tmp","tar3fd7.tmp","wservices.exe","cab3f76.tmp","cab597a.tmp","tar597b.tmp"]
 }
]

Made with by maldatabase © 2017- | All Rights Reserved