The VirusTotal Module
You need a paid VirusTotal subscription to use this module.
Last updated
You need a paid VirusTotal subscription to use this module.
Last updated
The VirusTotal Module monitors your yara-rules for you and alerts you of any new hits. Just fill in your API key and Liberty91 will do the rest. Note that Liberty91 will consume a maximum of 2,976 API-calls per month.
You can find your API-key by logging into VirusTotal and click on your name in the top-right of the screen. Your API-key will be available by clicking on “API-key” in the drop-down window.
For this module to work effectively, you should create yara-rules in the VirusTotal Platform, and let Liberty91 do the monitoring for you. To automatically link any events to entities in the threat library, the title or an alias of that threat entity should be included in the rule name. For example, if ‘APT34’ is mentioned in the rule, it will automatically be linked to the appropriate threat actor. You can find more information about creating YARA-rules in VirusTotal HERE.