VirusTotal · Example Payload

Virustotal File Behaviour Object Example

Anti-MalwareThreat IntelligenceSecurityFile AnalysisURL AnalysisYARAIoCSandboxMITRE ATT&CKGoogle Cloud

Virustotal File Behaviour Object Example is an example object payload from VirusTotal, with 5 top-level fields. It illustrates the shape of data this provider's APIs accept or return.

Top-level fields

idtypelinksattributesrelationships

Example Payload

Raw ↑ 
{
  "id": "sample",
  "type": "sample",
  "links": {
    "self": "https://www.virustotal.com/gui/file/44d88612"
  },
  "attributes": {
    "sandbox_name": "VirusTotal Jujubox",
    "analysis_date": 1748534400,
    "behash": "sample",
    "tags": [
      "sample"
    ],
    "processes_tree": [
      {}
    ],
    "processes_created": [
      "sample"
    ],
    "processes_injected": [
      "sample"
    ],
    "processes_killed": [
      "sample"
    ],
    "command_executions": [
      "sample"
    ],
    "registry_keys_opened": [
      "sample"
    ],
    "registry_keys_set": [
      {}
    ],
    "files_opened": [
      "sample"
    ],
    "files_written": [
      "sample"
    ],
    "files_deleted": [
      "sample"
    ],
    "files_dropped": [
      {}
    ],
    "modules_loaded": [
      "sample"
    ],
    "mutexes_created": [
      "sample"
    ],
    "mutexes_opened": [
      "sample"
    ],
    "dns_lookups": [
      {}
    ],
    "ip_traffic": [
      {}
    ],
    "http_conversations": [
      {}
    ],
    "tls": [
      {}
    ],
    "mitre_attack_techniques": [
      {}
    ],
    "verdicts": [
      "sample"
    ]
  },
  "relationships": {}
}