Skip to end of metadata
Go to start of metadata

It is now possible to download any shared/publicly submitted binary sample and PCAP (if available) from hybrid-analysis.com using the free restricted API keys.

Step-by-step guide

Please follow these steps:

  1. Download the VxAPI wrappers here: https://github.com/PayloadSecurity/VxAPI
  2. Configure VxAPI with your restricted API key (How to issue a self-signed API key)
  3. Use the new "get_public_result" CLI option specifying the environment ID and SHA256. Example:

    python3 vxapi.py get_public_result --environmentId 100 e66362502d13e7a0b91e733dad0e0817c2274baf506a14ed0cecd209db07500a --type pcap
    python3 vxapi.py get_public_result --environmentId 100 e66362502d13e7a0b91e733dad0e0817c2274baf506a14ed0cecd209db07500a --type bin

    Note: restricted keys may use the types "pcap" or "bin". The full version of VxStream Sandbox provides other types, such as json, pdf, crt, maec, misp, openioc, html, memory.

That's it!


Note: the default environment ID on hybrid-analysis.com is "100" (Windows 7 32-bit) and "200" (Android Static Analysis). This is subject to change and a new endpoint to fetch the available environment IDs with a restricted key is currently pending implementation.