python3 malwoverview.py -d /test/test/ -v 1 -t 2
- VT: scan multiple files in a folder, with 2 threads.
python3 malwoverview.py -d /test/test/ -a 1 -t 2
- HA: scan multiple files in a folder, with 2 threads.
python3 malwoverview.py -f /test/test/file -v 2
- VT: search for a file on VirusTotal. Can I do it with the folder?
python3 malwoverview.py -d /test/test/ -a 1 -v 1 -t 2
- VT and Hybrid Analysis.
python3 malwoverview.py -f /test/test/file -v 3
- VT: submits a file to VT and gets the report back.
python3 malwoverview.py -I [IP]
- VT IPv4.
python3 malwoverview.py -f /test/test/file -v 2 -x 2
- VT query, and extract the overlay.
python3 malwoverview.py -u hxxp://www.[HOSTNAME].com
- VT query; can be used with -v 1.
python3 malwoverview.py -r [DOMAIN]
- Get a domain's information.
python3 malwoverview.py -H [FILEHASH] -e 1
- Query the file hash with a different environment.
-e HA_ENVIRONMENT, --haenv HA_ENVIRONMENT This option specifies the used environment to be used to test the samlple on Hybrid Analysis: <0> Windows 7 32-bits; <1> Windows 7 32-bits (with HWP Support); <2> Windows 7 64-bits; <3> Android; <4> Linux 64-bits environment. This option is used together either -H option or the -A option.
-a HYBRID_ANALYSIS, --hybrid HYBRID_ANALYSIS Queries the Hybrid Analysis database for getting a general report. Possible values are: 1: Windows 7 32-bit; 2: Windows 7 32-bit (HWP Support); 3: Windows 64-bit; 4: Android; 5: Linux 64-bit. Remember: you need to edit the .malwapi.conf and insert your HA API and secret.
python3 malwoverview.py -V /test/test/file
- VT: submits a file.
python3 malwoverview.py -A /test/test/file -e 1|2|3|4|5
- HA: submits a file to a different environment.
python3 malwoverview.py -S hxxps://www.123.123.com
- Submit a URL to URLhaus.
-S URL_HAUS_SUB, --haus_submission URL_HAUS_SUB Submits a URL used to distribute malware (executable, script, document) to the URLHaus website. Pay attention: Any other submission will be ignored/deleted from URLhaus. You have to register your URLHaus API into the .malwapi.conf file
python3 malwoverview.py -U hxxps://www.asd.com
- Query a URL on URLhaus.
python3 malwoverview.py -j [FILEHASH]
- Query a file hash on URLhaus.
python3 malwoverview.py -R [sample] -G 1|2|3|4
-R POLYSWARMMETA, --polyswarm_meta POLYSWARMMETA (Only for Linux) Provides the argument value for searches on Polyswarm engine through imphash (the PE file must be provided), ipv4, domain, URL and family. This argument must be used with -G option, so check it, please. Pay attention: you should check your metadata search limit on your Polyswarm account because once you have got the limit, so you will got an error.
-G METATYPE, --metatype METATYPE (Only for Linux) This parameter specifies search type for arguments provided by -R option (above) while searching on Polyswarm engine. Thus, the following values are valid -- 0: PE Executable (look for samples with the same ImpHash); 1: IP Address ; 2: Domain ; 3. URL; 4. Family