Browse Apps
Integration Documentation
  • Last Updated
    Apr 15, 2025
  • Version
    1.2.0
  • Compatibility
    ThreatQ Versions >= 5.19.0

    • VirusTotal Action Bundle

    ThreatQuotient

    Overview

    The VirusTotal Action submits a collection of FQDN and supported objects to the VirusTotal API in individual HTTP Requests. VirusTotal returns a response for each object containing any information it has about the indicator.
    The action can perform the following functions:
    • VirusTotal - enriches supported objects with attributes and related objects describing the Indicator of Compromise.
    The action is compatible with the following indicator types:
    • FQDN
    • IP Address
    • MD5
    • SHA-256
    • SHA-1
    • URL
    The action returns the following enriched indicator objects:
    • FQDN
    • IP Address
    • MD5
    • SHA-256
    • SHA-1
    • URL
    Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy