VirusTotal#
Enricher overview#
APIv3 Enrichers
Enricher |
Types of Observable enriched |
Endpoints |
Types of Observables created |
|---|---|---|---|
|
Communicating files, Downloaded files, Historical SSL certificates, URLs, Resolutions, MX records, NS records, Referrer files, SOA records, Subdomains |
|
|
|
Compressed parents, Execution parents, ITW domains, ITW IPs, ITW URLs, Contacted IPs, Contacted URLs, Similar files, Embedded domains, Embedded IPs, Embedded URLs, Bundled files, Dropped files, Email attachments, Email parents |
|
|
|
Communicating files, Downloaded files, Historical SSL certificates, URLs, Resolutions, Referrer files |
|
|
|
Communicating files, Contacted domains, Contacted IPs, Downloaded files, Embedded JS files, Last serving IP address, Redirecting URLs, Referrer files, Referrer URLs |
|
APIv2 Enrichers (has entered End of Life)
Enricher |
Types of Observable enriched |
Endpoint |
Type of Entity created |
|---|---|---|---|
Files |
|
|
Indicator |
Domain |
|
|
Indicator |
IP address |
|
|
TTP |
URL |
|
|
Indicator |
Release notes#
# Release History
## 3.4.7, 3.3.7
Release data: 21 February 2025
**Fixed:**
- Fixed STIX XML problems with special characters in the Indicator analysis.
## 3.4.6, 3.3.6
Release data: 07 February 2025
**Fixed:**
- Resolved problems with exiftool attributes
## 3.4.5, 3.3.5
Release data: 12 December 2024
**Fixed:**
- Resolved problems with attributes and typos.
## 3.4.4, 3.3.4
Release data: 15 November 2024
**Added:**
- Now provides new feed for VirusTotal IOC Stream endpoint.
## 3.4.3, 3.3.3
Release data: 04 November 2024
**Fixed:**
- Resolved KeyError in domain enricher for improved stability.
## 3.4.2, 3.3.2
Release data: 04 November 2024
**Improvements:**
- Combined existing enrichers to create four new enrichers for v3.
- Included Parent Report entity in enrichment results for enhanced data insights.
## 3.4.1, 3.3.1
Release data: 26 September 2024
**Fixed:**
- Introduced maliciousness detection in extract creation.
- Updated endpoint paths to /endpoint (formerly /relationship/endpoint).
## 2.10.7, 2.11.2
Release date: 14 March 2022
**Added:**
- Now provides 5 new VirusTotal APIv3 URL Enrichers.
##Release versions: 2.10.6, 2.9.6
Release date: 2 December, 2021
**End of Life:**
"VirusTotal Enricher" is EOL as of 11 August 2021.
It will continue to receive support and updates
up to End of Support Life (EOSL) on 11 February 2022.
Instead, use the "VirusTotal APIv3" set of enrichers.
**Added:**
- Now provides 5 new VirusTotal APIv3 Domain Enrichers.
##Release versions: 2.10.5, 2.9.5
Release date: 23 November, 2021
**Added:**
- Now provides 5 new VirusTotal APIv3 IP Address Enrichers.
##Release versions: 2.10.4, 2.9.4
Release date: 1 November, 2021
**Added:**
- Now provides 5 new VirusTotal APIv3 File Hash Enrichers.
##Release versions: 2.10.3, 2.9.3
Release date: 6 October, 2021
**Added:**
- Now provides 5 new VirusTotal APIv3 Domain Enricher
##Release versions: 2.10.2, 2.9.2
Release date: 15 September, 2021
**Added:**
- Now provides VirusTotal APIv3:
- File Name Enricher
- File Hash (Similar Files) Enricher
- 3 new URL Enrichers
##Release versions: 2.10.1, 2.9.1
Release date: 18 August, 2021
Added:
- Now provides 5 File Hash enrichers using
the VirusTotal APIv3 endpoints.
## Initial release
Release date: December, 2016
**Features:**
* Now provides the VirusTotal Provider incoming feed.
* Now provides the VirusTotal Enricher.