5.1 Application Information Lookup

Request

Value

Method

GET

URL

https://api.metadefender.com/v3/appinfo/:hash

Summary

OPSWAT MetaAccess application information

Request

HTTP URL parameters

 

Description

Example

:hash

The hash value for which you need OESIS info (MD5/SHA1/SHA256)

B075602CF6BCB3284C44A640DAFFA49CC5AA8F469A20E4B242F2DDE85FCB4DBE

HTTP Header Parameters

 

Description

Allowed Values

Required

Authorization

give rights to use the endpoint (API Authentication Mechanisms)

apikey

YES

Response

HTTP Status Codes

Please refer to Status Codes for more information.

Body

Example of successful product info:

{
"success": true,
"data": [{
"appinfo_report_date": "2016-05-31T00:00:00.000Z",
"sha1": "530068C230FE07ABBEC2574642D0973BF4BE1CC0",
"connection_stats": [{
"domain_name_count": 29,
"domain_name": "amazonaws.com",
"host_name_count": 29,
"host_name": "compute-1.amazonaws.com",
"external_ip_count": 29,
"external_ip": "54.86.89.255"
},
...
],
"os_infos": [{
"service_pack": "",
"wa_os_id": "59",
"kernel_version": "10.0.10586",
"language": "Dansk (Danmark)",
"arch": "64-bit",
"os_type": 1,
"os_name_norm": "microsoft windows 10 home",
"os_name": "Microsoft Windows 10 Home"
},
...
],
"product_info_stats": [{
"product_version_norm": "3 12 5",
"product_name_norm_count": 15559,
"product_name_norm": "dropbox"
}],
"product_infos": [{
"wa_signature_id": "2543",
"wa_product_id": "110",
"product_version": "3.12.5",
"product_name": "Dropbox"
}, {
...
}],
"vendor_infos": [{
"wa_vendor_id": "0",
"vendor_name": "Dropbox, Inc."
}, {
"wa_vendor_id": "97",
"vendor_name": "Dropbox, Inc."
}],
"loaded_component_stats": [{,
"loaded_component_count": 216,
"loaded_component": "70BF9B4E96969ABD00772E68DFD92E10B6BF1AD6"
},
...
],
"categories": [{
"wa_category_id": "2",
"category_name": "Backup Client"
}, {
"wa_category_id": "0",
"category_name": "Cloud Storage"
}, {
"wa_category_id": "9",
"category_name": "Cloud Storage"
}],
"file_path_stats": [{
"file_path_count": 37,
"file_path": "\\users\\...\\appdata\\roaming\\dropbox\\bin\\dropbox.exe"
},
...
],
"file_infos": [{
"sha1": "530068C230FE07ABBEC2574642D0973BF4BE1CC0",
"file_property_version_norm": "3.12.5.0",
"file_property_version": "3.12.5.0",
"file_size": 24952456,
"file_name_lower": "dropbox.exe",
"file_name": "Dropbox.exe"
},
...
]
 
}, {
...
}]
}

Example of the parameter being invalid:

{
"success": false,
"error": {
"code": 400033,
"messages": [
"The hash `0000BF66978AA7EA3DF2BE15286026442CF19D52` information does not exist"
]
}
}

Descriptions of response:

data.appinfo_report_date

The timestamp when this application information was reported

data.sha1

The hash (SHA1 format) of the file

connection_stats.domain_name

The domain name corresponding to the reported IP address

connection_stats.domain_name_count

How many times this domain name was reported for the parent applications

connection_stats.host_name

The host name corresponding to the reported IP address

connection_stats.host_name_count

How many times this host name was reported for the parent applications

connection_stats.external_ip

The reported IP addresses for the network traffic of the parent applications

connection_stats.external_ip_count

How many times this IP was reported for the parent applications

os_infos.kernel_version

The kernel version reported from each endpoint for each running OS

os_infos.service_pack

The service pack version reported from each endpoint for each running OS

os_infos.language

The OS language configuration reported from each endpoint for each running OS

os_infos.arch

The system architecture (32/64 bit) reported from each endpoint for each running OS

os_infos.os_name

The operating system official name reported from each endpoint for each running OS

product_info_stats.product_version_norm

The product version normalized reported for all running applications from each endpoint

product_info_stats.product_name_norm_count

How many times this application version was reported

product_info_stats.product_name_norm

The reported product name (normalized)

product_infos.product_version

The reported product version

product_infos.product_name

The reported product name (official)

vendor_infos.vendor_name

The reported vendor name (official)

loaded_component_stats.loaded_component

The hash (SHA1 format) of one of the components loaded at runtime

loaded_component_stats.loaded_component_count

How many times this component was reported as loaded for the applications this file belong to

categories.wa_category_id

Internal generated category ID; this corresponds to the applications classified by OESIS Framework

categories.category_name

Internal generated category name; this corresponds to the applications classified by OESIS Framework

Errors

Please refer to Errors for more information.

Sample code (Node.js)

var http = require("https");
 
var options = {
"method": "GET",
"hostname": "api.metadefender.com",
"path": "/v3/appinfo/9B6AEA1992775510CB9014AD6860D146",
"headers": {
"Authorization": "apikey " + process.env.APIKEY
}
};
 
var req = http.request(options, function (res) {
var chunks = [];
 
res.on("data", function (chunk) {
chunks.push(chunk);
});
 
res.on("end", function () {
var body = Buffer.concat(chunks);
console.log(body.toString());
});
});
 
req.end();

Sample code (cURL)

curl -X GET \
https://api.metadefender.com/v3/appinfo/9B6AEA1992775510CB9014AD6860D146 \
-H 'authorization: apikey ${APIKEY}'