Scanning all the running .exe files in VirusTotal with Python.
Library | Code to install |
---|---|
hashlib | pip install hashlib |
pathlib2 | pip install pathlib2 |
WMI | pip install WMI |
requests | pip install requests |
pandas | pip install pandas |
I used wmi library to get all running files from device. Then saved into a list called "liste".
Libraries |
First you have to get the real path of the file. Then with the path, we can get the hash of the file by using this code:
Get Hash |
After doing it, we can proceed for scanning the hash of the file using VirusTotal API.
After the scannning completed for a file. It writes the result to a file called "vt_results_exe.csv". It writes all the scores that comes from VirusTotal. In terminal you can see which process has scanned.(vt_Results_exe file will be stored in the C:/Users/{username})
Terminal | Results |