3.1 Retrieving scan reports using a data hash
|
Request |
Value |
|
Method |
GET |
|
URL |
https://api.metadefender.com/v4/hash/:hash |
Summary
Look up a hash by MD5, SHA1, or SHA256.
Request
URL Parameters
|
|
Description |
Example |
|
:hash |
MD5, SHA1, or SHA256 of a file |
6A5C19D9FFE8804586E8F4C0DFCC66DE |
Header Parameters
|
|
Description |
Allowed Values |
Required |
|
apikey |
gives rights to use the endpoint (token authentication) (API Authentication Mechanisms) |
apikey |
YES |
Response
HTTP Status Codes
Please refer to Status Codes for more information.
Body
Example of a successful request:
{ "scan_result_history_length": 154, "file_id": "ZTE3MDgyMkh5UmZGTl94cV9a", "data_id": "ZTE3MDgyMkh5UmZGTl94cV9aUzFsSWU3aGtVNA", "sanitized": { "reason": "File is not sanitizable", "result": "Error" }, "process_info": { "result": "Blocked", "profile": "Sanitize", "post_processing": { "copy_move_destination": "", "converted_to": "", "converted_destination": "", "actions_ran": "", "actions_failed": "" }, "file_type_skipped_scan": false, "blocked_reason": "Infected" }, "scan_results": { "scan_details": { "Zillya!": { "threat_found": "Adware.GenericKD.Win32.5471", "scan_time": 26, "scan_result_i": 1, "def_time": "2019-02-26T17:27:00.000Z" }, "Xvirus Personal Guard": { "threat_found": "", "scan_time": 2518, "scan_result_i": 0, "def_time": "2019-02-24T09:31:00.000Z" }, "VirusBlokAda": { "threat_found": "BScope.Trojan.Downloader", "scan_time": 185, "scan_result_i": 1, "def_time": "2019-02-26T15:24:00.000Z" }, "TrendMicro House Call": { "threat_found": "", "scan_time": 5142, "scan_result_i": 0, "def_time": "2019-02-25T21:06:00.000Z" }, "TrendMicro": { "threat_found": "", "scan_time": 4683, "scan_result_i": 0, "def_time": "2019-02-25T20:54:00.000Z" }, "Total Defense": { "threat_found": "", "scan_time": 4, "scan_result_i": 0, "def_time": "2019-02-26T00:00:00.000Z" }, "ThreatTrack": { "threat_found": "", "scan_time": 16, "scan_result_i": 0, "def_time": "2019-02-25T08:30:00.000Z" }, "TACHYON": { "threat_found": "Adware.GenericKD.3548029", "scan_time": 195, "scan_result_i": 1, "def_time": "2019-02-26T05:00:00.000Z" }, "Sophos": { "threat_found": "App/SysCare-C", "scan_time": 83, "scan_result_i": 1, "def_time": "2019-02-26T00:56:00.000Z" }, "SUPERAntiSpyware": { "threat_found": "", "scan_time": 5301, "scan_result_i": 0, "def_time": "2013-05-22T22:16:00.000Z" }, "Quick Heal": { "threat_found": "PUA.Onesystemc.Gen", "scan_time": 266, "scan_result_i": 1, "def_time": "2019-02-26T08:14:00.000Z" }, "Preventon": { "threat_found": "", "scan_time": 833, "scan_result_i": 0, "def_time": "2013-09-18T17:33:00.000Z" }, "NANOAV": { "threat_found": "", "scan_time": 530, "scan_result_i": 0, "def_time": "2019-02-26T09:18:00.000Z" }, "McAfee": { "threat_found": "", "scan_time": 73, "scan_result_i": 0, "def_time": "2019-02-26T00:00:00.000Z" }, "K7": { "threat_found": "Adware ( 004cc9ef1 )", "scan_time": 25, "scan_result_i": 1, "def_time": "2019-02-26T11:36:00.000Z" }, "Jiangmin": { "threat_found": "RiskTool.SystemCare.k", "scan_time": 4252, "scan_result_i": 1, "def_time": "2019-02-25T23:22:00.000Z" }, "Ikarus": { "threat_found": "PUA.SystemHealer", "scan_time": 6, "scan_result_i": 1, "def_time": "2019-02-26T19:13:05.000Z" }, "Huorong": { "threat_found": "", "scan_time": 943, "scan_result_i": 0, "def_time": "2019-02-23T10:28:00.000Z" }, "Hauri": { "threat_found": "", "scan_time": 16, "scan_result_i": 0, "def_time": "2012-08-04T00:00:00.000Z" }, "Fortinet": { "threat_found": "Riskware/OptimizerEliteMax", "scan_time": 1006, "scan_result_i": 1, "def_time": "2019-02-26T00:00:00.000Z" }, "Filseclab": { "threat_found": "W32.OptimizerEliteMax.E.zcce", "scan_time": 511, "scan_result_i": 1, "def_time": "2019-02-25T22:48:00.000Z" }, "F-secure": { "threat_found": "", "scan_time": 3774, "scan_result_i": 0, "def_time": "2019-02-05T01:33:00.000Z" }, "F-prot": { "threat_found": "", "scan_time": 43, "scan_result_i": 0, "def_time": "2019-02-26T18:30:00.000Z" }, "Emsisoft": { "threat_found": "", "scan_time": 149, "scan_result_i": 0, "def_time": "2019-02-26T13:51:00.000Z" }, "ESET": { "threat_found": "a variant of Win32/UwS.SystemHealer.B application", "scan_time": 159, "scan_result_i": 1, "def_time": "2019-02-26T00:00:00.000Z" }, "Cyren": { "threat_found": "", "scan_time": 26, "scan_result_i": 0, "def_time": "2019-02-26T20:03:00.000Z" }, "ClamAV": { "threat_found": "", "scan_time": 1211, "scan_result_i": 0, "def_time": "2019-02-26T10:34:00.000Z" }, "ByteHero": { "threat_found": "", "scan_time": 3566, "scan_result_i": 0, "def_time": "2019-02-26T00:00:00.000Z" }, "BitDefender": { "threat_found": "", "scan_time": 176, "scan_result_i": 0, "def_time": "2019-02-26T14:01:00.000Z" }, "Baidu": { "threat_found": "PUA.Win32.OptimizerEliteMax.onsc", "scan_time": 7330, "scan_result_i": 1, "def_time": "2019-02-26T21:34:00.000Z" }, "Avira": { "threat_found": "PUA/SpeedUpMyPC.AF4F", "scan_time": 5, "scan_result_i": 1, "def_time": "2019-02-25T00:00:00.000Z" }, "Antiy": { "threat_found": "GrayWare[Adware]/Win32.OptimizerEliteMax.e", "scan_time": 6, "scan_result_i": 1, "def_time": "2019-02-26T14:47:00.000Z" }, "Ahnlab": { "threat_found": "", "scan_time": 40, "scan_result_i": 0, "def_time": "2019-02-26T21:25:00.000Z" }, "Agnitum": { "threat_found": "", "scan_time": 13, "scan_result_i": 0, "def_time": "2019-02-25T10:54:00.000Z" }, "AegisLab": { "threat_found": "", "scan_time": 22, "scan_result_i": 0, "def_time": "2019-02-26T01:00:00.000Z" }, "Vir.IT eXplorer": { "threat_found": "PUP.Win32.OSCL.A", "scan_time": 45, "scan_result_i": 1, "def_time": "2019-02-26T14:46:00.000Z" }, "Vir.IT ML": { "threat_found": "", "scan_time": 2275, "scan_result_i": 0, "def_time": "2019-02-22T14:46:00.000Z" } }, "rescan_available": true, "scan_all_result_i": 1, "start_time": "2019-02-26T21:53:32.770Z", "total_time": 11206, "total_avs": 37, "total_detected_avs": 15, "progress_percentage": 100, "scan_all_result_a": "Infected" }, "file_info": { "file_size": 765024, "upload_timestamp": "2017-09-05T18:30:04.000Z", "md5": "6A5C19D9FFE8804586E8F4C0DFCC66DE", "sha1": "016CD548A5BA78015F85E2591BF6189658ACA066", "sha256": "BE41E36233DD8DB2B28A109E7FC7C409E1353BF2D1710158BBE267280E163353", "file_type_category": "E", "file_type_description": "Executable File", "file_type_extension": "exe", "display_name": "CleanupConsole.exe" }, "share_file": 1, "rest_version": "4", "additional_info": [], "votes": { "up": 0, "down": 0 }}Example of a successful request for an archive:
{ "scan_result_history_length": 5, "file_id": "YTE3MDgwMlNKd1pQcmRmSlBX", "data_id": "YTE3MDgwMlNKd1pQcmRmSlBXcmtrZDdlTlVfNlE", "process_info": { "result": "Blocked", "profile": "File scan", "post_processing": { "copy_move_destination": "", "converted_to": "", "converted_destination": "", "actions_ran": "", "actions_failed": "" }, "file_type_skipped_scan": false, "blocked_reason": "Infected" }, "extracted_files": { "data_id": "YTE3MDgwMlNKd1pQcmRmSlBXcmtrZDdlTlVfNlE", "files_in_archive": [ { "scan_result_i": 15, "progress_percentage": 100, "file_type": "application/encrypted", "file_size": 14336, "display_name": "test_protected.xlsx", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYcnlYdWxWVXVUbQ" }, { "scan_result_i": 15, "progress_percentage": 100, "file_type": "application/msword", "file_size": 22528, "display_name": "test_protected.doc", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYckpIX3hWVU82bQ" }, { "scan_result_i": 1, "progress_percentage": 100, "file_type": "application/msword", "file_size": 23040, "display_name": "test_doc.doc", "detected_by": 1, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYckpXQmVOOHVhWA" }, { "scan_result_i": 15, "progress_percentage": 100, "file_type": "application/encrypted", "file_size": 17920, "display_name": "test_protected.docx", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYQmtkT2xWTGRwbQ" }, { "scan_result_i": 1, "progress_percentage": 100, "file_type": "application/vnd.ms-powerpoint", "file_size": 86016, "display_name": "test_ppt.ppt", "detected_by": 1, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU0p0X2xOTGRwWA" }, { "scan_result_i": 15, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYSDFxX2xFSV82WA", "progress_percentage": 100, "file_type": "application/encrypted", "file_size": 37376, "display_name": "test_protected.pptx", "detected_by": 0 }, { "scan_result_i": 15, "progress_percentage": 100, "file_type": "application/encrypted", "file_size": 17920, "display_name": "test_protected2.docx", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU2tpdWc0TF9hUQ" }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "image/tiff", "file_size": 819698, "display_name": "test_tiff.tiff", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU0pPZ1ZVZHA3" }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "application/pdf", "file_size": 141555, "display_name": "test_pdf.pdf", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU2tndXg0TF82UQ" }, { "scan_result_i": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYQnlXT2dFOF9UUQ", "progress_percentage": 100, "file_type": "text/rtf", "file_size": 42923, "display_name": "test_rtf.rtf", "detected_by": 0 }, { "scan_result_i": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU3l6X2xOSV9wNw", "progress_percentage": 100, "file_type": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", "file_size": 8261, "display_name": "test_xlsx.xlsx", "detected_by": 0 }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "image/bmp", "file_size": 151670, "display_name": "test_bmp.bmp", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYQkpybE5JdTZY" }, { "scan_result_i": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYQnk0dWdWOHVhbQ", "progress_percentage": 100, "file_type": "application/vnd.openxmlformats-officedocument.presentationml.presentation", "file_size": 32029, "display_name": "test_pptx.pptx", "detected_by": 0 }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "application/vnd.ms-excel", "file_size": 26624, "display_name": "test_xls.xls", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYU0o4T2dFTHU2UQ" }, { "scan_result_i": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYSEpncmVOVWRUbQ", "progress_percentage": 100, "file_type": "text/html", "file_size": 192, "display_name": "test_html.html", "detected_by": 0 }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "image/jpeg", "file_size": 101763, "display_name": "test_jpg2.jpg", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYSEpQT3hOOF9UNw" }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "application/vnd.openxmlformats-officedocument.wordprocessingml.document", "file_size": 12137, "display_name": "test_docx.docx", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYQnlmcmdWVXVwbQ" }, { "scan_result_i": 0, "progress_percentage": 100, "file_type": "image/jpeg", "file_size": 47003, "display_name": "test_jpg.jpg", "detected_by": 0, "data_id": "WVRFM01EZ3dNbE5LZDFwUWNtUm1TbEJYUzFRU3hOTF82bQ" } ] }, "scan_results": { "scan_details": { "TrendMicro House Call": { "threat_found": "", "scan_time": 975, "scan_result_i": 0, "def_time": "2018-11-11T02:00:00.000Z" }, "SUPERAntiSpyware": { "threat_found": "", "scan_time": 1102, "scan_result_i": 0, "def_time": "2018-10-05T20:08:00.000Z" }, "Preventon": { "threat_found": "", "scan_time": 1178, "scan_result_i": 3, "def_time": "2018-11-12T23:56:00.000Z" }, "ClamAV": { "threat_found": "", "scan_time": 1235, "scan_result_i": 0, "def_time": "2018-11-12T22:07:00.000Z" }, "Zillya!": { "threat_found": "", "scan_time": 4, "scan_result_i": 0, "def_time": "2018-11-12T15:21:00.000Z" }, "Xvirus Personal Guard": { "threat_found": "", "scan_time": 68, "scan_result_i": 0, "def_time": "2018-11-12T10:34:00.000Z" }, "VirusBlokAda": { "threat_found": "", "scan_time": 8, "scan_result_i": 0, "def_time": "2018-11-12T09:03:00.000Z" }, "TrendMicro": { "threat_found": "", "scan_time": 798, "scan_result_i": 0, "def_time": "2018-11-11T02:00:00.000Z" }, "Total Defense": { "threat_found": "", "scan_time": 10, "scan_result_i": 0, "def_time": "2018-11-12T00:00:00.000Z" }, "ThreatTrack": { "threat_found": "", "scan_time": 11, "scan_result_i": 0, "def_time": "2018-11-11T08:10:00.000Z" }, "TACHYON": { "threat_found": "", "scan_time": 58, "scan_result_i": 0, "def_time": "2018-11-13T05:00:00.000Z" }, "Sophos": { "threat_found": "", "scan_time": 14, "scan_result_i": 0, "def_time": "2018-11-12T00:19:00.000Z" }, "Quick Heal": { "threat_found": "", "scan_time": 5, "scan_result_i": 0, "def_time": "2018-11-12T12:28:00.000Z" }, "NANOAV": { "threat_found": "", "scan_time": 9, "scan_result_i": 0, "def_time": "2018-11-12T22:33:00.000Z" }, "McAfee": { "threat_found": "", "scan_time": 10, "scan_result_i": 0, "def_time": "2018-11-12T00:00:00.000Z" }, "K7": { "threat_found": "", "scan_time": 2, "scan_result_i": 0, "def_time": "2018-11-13T00:55:00.000Z" }, "Ikarus": { "threat_found": "", "scan_time": 4, "scan_result_i": 0, "def_time": "2018-11-12T19:11:52.000Z" }, "Huorong": { "threat_found": "", "scan_time": 59, "scan_result_i": 0, "def_time": "2018-11-11T09:50:00.000Z" }, "Hauri": { "threat_found": "", "scan_time": 3, "scan_result_i": 0, "def_time": "2018-11-13T00:00:00.000Z" }, "Fortinet": { "threat_found": "", "scan_time": 42, "scan_result_i": 0, "def_time": "2018-11-12T00:00:00.000Z" }, "Filseclab": { "threat_found": "", "scan_time": 208, "scan_result_i": 0, "def_time": "2018-11-12T00:50:00.000Z" }, "F-secure": { "threat_found": "", "scan_time": 648, "scan_result_i": 0, "def_time": "2018-11-12T03:21:00.000Z" }, "F-prot": { "threat_found": "", "scan_time": 0, "scan_result_i": 0, "def_time": "2018-11-13T01:58:00.000Z" }, "Emsisoft": { "threat_found": "", "scan_time": 8, "scan_result_i": 0, "def_time": "2018-11-12T19:06:00.000Z" }, "ESET": { "threat_found": "", "scan_time": 1, "scan_result_i": 0, "def_time": "2018-11-12T00:00:00.000Z" }, "Cyren": { "threat_found": "", "scan_time": 11, "scan_result_i": 0, "def_time": "2018-11-13T05:31:00.000Z" }, "ByteHero": { "threat_found": "", "scan_time": 258, "scan_result_i": 0, "def_time": "2018-11-12T00:00:00.000Z" }, "BitDefender": { "threat_found": "", "scan_time": 8, "scan_result_i": 0, "def_time": "2018-11-13T02:29:00.000Z" }, "Avira": { "threat_found": "", "scan_time": 7, "scan_result_i": 0, "def_time": "2018-11-11T00:00:00.000Z" }, "Antiy": { "threat_found": "", "scan_time": 3, "scan_result_i": 0, "def_time": "2018-11-12T14:46:00.000Z" }, "Ahnlab": { "threat_found": "", "scan_time": 2, "scan_result_i": 0, "def_time": "2018-11-13T00:00:00.000Z" }, "Agnitum": { "threat_found": "", "scan_time": 1, "scan_result_i": 0, "def_time": "2018-11-09T07:18:00.000Z" }, "AegisLab": { "threat_found": "", "scan_time": 71, "scan_result_i": 0, "def_time": "2018-11-12T01:00:00.000Z" }, "Vir.IT eXplorer": { "threat_found": "", "scan_time": 9, "scan_result_i": 0, "def_time": "2018-11-12T14:46:00.000Z" }, "Vir.IT ML": { "threat_found": "", "scan_time": 5, "scan_result_i": 0, "def_time": "2018-11-09T14:46:00.000Z" } }, "rescan_available": true, "scan_all_result_i": 1, "start_time": "2018-11-13T13:38:52.680Z", "total_time": 7001, "total_avs": 35, "total_detected_avs": 0, "progress_percentage": 100, "scan_all_result_a": "Infected" }, "file_info": { "file_size": 1286700, "upload_timestamp": "2018-03-21T16:47:30.000Z", "md5": "EF4A5B9ECC9D2E3380D035F71C00AFA1", "sha1": "972695E77E75307EC38B2F089EDBE129C29FF870", "sha256": "0C4161B19D8CE5B2721AA0AF2CDDE5F121DDAB81004DB3B7FF243D74CFFD3EA4", "file_type_category": "", "file_type_description": "ZIP Archive", "display_name": "archive.zip" }, "share_file": 1, "rest_version": "4", "additional_info": [], "votes": { "up": 0, "down": 0 }}Example of failed scan request:
{ "success": false, "error": { "code": 404003, "messages": [ "The hash was not found" ] }}Descriptions of response:
|
scan_results.scan_details |
Per engine scan results |
|
scan_results.rescan_available |
Whether this file can be rescanned or not |
|
scan_results.scan_all_result_i |
The scan returned code. Please refer to Description on scan result codes for more information. |
|
scan_results.start_time |
The time when the scan has started |
|
scan_results.total_time |
The total time it took to scan this file |
|
scan_results.total_avs |
The total number of AVs returned in the result |
|
scan_results.total_detected_avs |
The total number of AVs reporting this file as infected |
|
scan_results.progress_percentage |
The progress so far. Returns values between 0 and 100 |
|
scan_results.scan_all_result_a |
A text description of the scan results |
|
file_info.file_type_extension |
File extension, deduced from "file_type_description" |
|
file_info.file_type_description |
File description as returned by the magic lib. |
|
file_info.file_type_category |
Category for the file type. Please refer to Description of file categories for more information. |
|
file_info.upload_timestamp |
The time the file was first uploaded. |
|
file_info.display_name |
The name provided by the initial uploader of the file with the "filename" header |
|
file_info.file_size |
The size of the file, in bytes |
|
data_id |
Unique identifier for this particular scan of the file |
|
file_id |
Unique identifier of the file in our system |
|
votes.down |
Crowdsourced community downvotes |
|
votes.up |
Crowdsourced community upvotes |
|
additional_info |
An array containing strings showing the existence of additional information:
|
|
scan_result_history_length |
The total number of scans |
More levels for file_info level:
|
upload_timestamp |
The first time the file is uploaded to the server (even if the file is rescanned this value will be preserved). |
|
file_type_category |
High-level categorization of the file type. |
Descriptions of archive scan response:
When scanning archives, the archive itself will be scanned as a file, and the files inside the archive will be extracted and scanned individually. The list of files in the archive, the scan results and total number of engines which detected the file as infected can be accessed in the parent archive scan results. For accessing the detailed scan results of the contained file, a separate call needs to be made to the file's data_id.
|
extracted_files.data_id |
Same data_id as original file |
|
extracted_file. files_in_archive |
The list of files extracted from the scanned archive; each item from the list contains a few scan result details. |
|
parent_data_id |
The data_id of the archive that contains the accessed file (the parent archive). This property will only be found in files inside archives. |
-
Supported archive types: ZIP, TAR, RAR, GZ, BZ2, 7Z, XZ, CRX, RPM, Z, LZ, XPI, CAB.
-
If the archive contains sanitizable file types when scanning an entire archive, the respective files won't be sanitized, being interpreted as non-sanitizable files. Please refer to Data Sanitization Request for more information about sanitization.
-
When accessing the extracted files from an archive, "Parent Archive" option is available to identify and access the archive that contains the respective files.
-
Rescan is available only for the entire archive; the extracted files cannot be rescanned one by one.
Errors
Please refer to Errors for more information.
Sample code (Node.js)
var http = require("https");var options = { "method": "GET", "hostname": [ "api", "metadefender", "com" ], "path": [ "v4", "hash", "6A5C19D9FFE8804586E8F4C0DFCC66DE" ], "headers": { "apikey": process.env.APIKEY }};var req = http.request(options, function (res) { var chunks = []; res.on("data", function (chunk) { chunks.push(chunk); }); res.on("end", function () { var body = Buffer.concat(chunks); console.log(body.toString()); });});req.end();Sample code (cURL)
curl -X GET \ https://api.metadefender.com/v4/hash/6A5C19D9FFE8804586E8F4C0DFCC66DE \ -H "apikey: ${APIKEY}"