{"id":26654128,"url":"https://github.com/malice-plugins/totalhash","last_synced_at":"2025-04-11T07:18:06.845Z","repository":{"id":57609549,"uuid":"48824890","full_name":"malice-plugins/totalhash","owner":"malice-plugins","description":"Malice #totalhash Plugin","archived":false,"fork":false,"pushed_at":"2019-01-07T16:34:25.000Z","size":3568,"stargazers_count":4,"open_issues_count":0,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-21T22:11:20.562Z","etag":null,"topics":["docker","golang","malice","malice-plugin","malware-analysis","malware-detection","malware-research","totalhash"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/malice-plugins.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-12-31T00:15:40.000Z","updated_at":"2021-02-04T23:49:47.000Z","dependencies_parsed_at":"2022-08-27T10:41:31.593Z","dependency_job_id":null,"html_url":"https://github.com/malice-plugins/totalhash","commit_stats":null,"previous_names":["maliceio/malice-totalhash"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malice-plugins%2Ftotalhash","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malice-plugins%2Ftotalhash/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malice-plugins%2Ftotalhash/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malice-plugins%2Ftotalhash/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/malice-plugins","download_
url":"https://codeload.github.com/malice-plugins/totalhash/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245401369,"owners_count":20609167,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","golang","malice","malice-plugin","malware-analysis","malware-detection","malware-research","totalhash"],"created_at":"2025-03-25T04:57:23.633Z","updated_at":"2025-03-25T04:57:24.193Z","avatar_url":"https://github.com/malice-plugins.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# malice-totalhash\n\n[![Circle CI](https://circleci.com/gh/malice-plugins/totalhash.png?style=shield)](https://circleci.com/gh/malice-plugins/totalhash) [![License](http://img.shields.io/:license-mit-blue.svg)](http://doge.mit-license.org) [![Docker Stars](https://img.shields.io/docker/stars/malice/totalhash.svg)](https://hub.docker.com/r/malice/totalhash/) [![Docker Pulls](https://img.shields.io/docker/pulls/malice/totalhash.svg)](https://hub.docker.com/r/malice/totalhash/) [![Docker Image](https://img.shields.io/badge/docker%20image-52.8MB-blue.svg)](https://hub.docker.com/r/malice/totalhash/)\n\nMalice [#totalhash](https://totalhash.cymru.com) Plugin\n\nThis repository contains a **Dockerfile** of **malice/totalhash** for [Docker](https://www.docker.io/)'s [trusted build](https://index.docker.io/u/malice/totalhash/) published to the public [DockerHub](https://index.docker.io/).\n\n### Dependencies\n\n- [malice/alpine](https://hub.docker.com/r/malice/alpine/)\n\n## Installation\n\n1. 
Install [Docker](https://www.docker.io/).\n2. Download the [trusted build](https://hub.docker.com/r/malice/totalhash/) from the public [DockerHub](https://hub.docker.com): `docker pull malice/totalhash`\n\n## Usage\n\n```\ndocker run --rm malice/totalhash SHA1\n```\n\n```bash\nUsage: totalhash [OPTIONS] COMMAND [arg...]\n\nMalice totalhash Plugin\n\nVersion: v0.1.0, BuildTime: 20160219\n\nAuthor:\n  blacktop - \u003chttps://github.com/blacktop\u003e\n\nOptions:\n  --verbose, -V\t\tverbose output\n  --elasticsearch value\telasticsearch address for Malice to store results [$MALICE_ELASTICSEARCH]\n  --post, -p\t\tPOST results to Malice webhook [$MALICE_ENDPOINT]\n  --proxy, -x\t\tproxy settings for Malice webhook endpoint [$MALICE_PROXY]\n  --table, -t\t\toutput as Markdown table\n  --user value\t\ttotalhash user [$MALICE_TH_USER]\n  --key value\t\ttotalhash key [$MALICE_TH_KEY]\n  --help, -h\t\tshow help\n  --version, -v\t\tprint the version\n\nCommands:\n  help\tShows a list of commands or help for one command\n\nRun 'totalhash COMMAND --help' for more information on a command.\n```\n\nThis will output to stdout and POST to the Malice results API webhook endpoint.\n\n## Sample Output\n\n### [JSON](https://github.com/malice-plugins/totalhash/blob/master/docs/results.json)\n\n```json\n{\n  \"totalhash\": {\n    \"md5\": \"9483ba381cdb7c983e630839a0d2a1c3\",\n    \"sha1\": \"4af607a4ecf7885018ab5a788e8f0607b4fcb08b\",\n    \"time\": \"2015-08-02 00:49:35\",\n    \"version\": \"0.3\",\n    \"calltree\": {\n      \"process_call\": [\n        {\n          \"filename\": \"C:\\\\malware.exe\",\n          \"index\": \"1\",\n          \"pid\": \"1348\",\n          \"startreason\": \"AnalysisTarget\"\n        },\n      ...\n      ]\n    },\n    \"static\": {\n      \"strings_md5\": \"ac33aca979aaeee66a70b6a6ad9538bf\",\n      \"strings_sha1\": \"b24c81ba5dc75edbbd6de5804e7b4a1db38db591\",\n      \"av\": [\n        {\n          \"av_product\": \"bull\",\n          \"scanner\": 
\"BullGuard\",\n          \"signature\": \"Gen:Variant.Graftor.18194\",\n          \"timestamp\": \"2015-08-01 15:55:42\",\n          \"update\": \"2015-07-31 07:26:09\",\n          \"version\": \"14.1.0.0\"\n        },\n        ...\n        {\n          \"av_product\": \"clam\",\n          \"scanner\": \"ClamAV\",\n          \"signature\": \"Trojan.Dropper-22795\",\n          \"timestamp\": \"2015-08-01 15:55:42\",\n          \"update\": \"2015-07-31 12:00:00\",\n          \"version\": \"0.97.8.0\"\n        }\n      ],\n      \"imphash\": {\n        \"value\": \"3243b13e562279ab7fbe2f31e45d3a95\"\n      },\n      \"imports\": [\n        {\n          \"dll\": \"kernel32.dll\"\n        }\n      ],\n      \"language\": {\n        \"value\": \"040904B0\"\n      },\n      \"magic\": {\n        \"value\": \"PE32 executable for MS Windows (GUI) Intel 80386 32-bit\"\n      },\n      \"packer\": {\n        \"value\": \"UPX -\u003e www.upx.sourceforge.net\"\n      },\n      \"pehash\": {\n        \"value\": \"452dda12aae437d193c043388cfc8e1cf9dd0787\"\n      },\n      \"section\": [\n        {\n          \"md3\": \"d41d8cd98f00b204e9800998ecf8427e\",\n          \"name\": \"UPX0\",\n          \"sha1\": \"da39a3ee5e6b4b0d3255bfef95601890afd80709\",\n          \"size\": \"0\"\n        },\n        {\n          \"md3\": \"be7cee8566021aa22591d9bf68634a88\",\n          \"name\": \"UPX1\",\n          \"sha1\": \"f9665ffa7f1b1f10e6265d7e1bf651a3c09793d2\",\n          \"size\": \"47616\"\n        },\n        {\n          \"md3\": \"6e964a0172c2edaff9838cbf467ab13e\",\n          \"name\": \".rsrc\",\n          \"sha1\": \"e793ae7e3e91e59b1195cb8e283194d811013f88\",\n          \"size\": \"130560\"\n        },\n        {\n          \"md3\": \"bf619eac0cdf3f68d496ea9344137e8b\",\n          \"name\": \".Kerbero\",\n          \"sha1\": \"5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5\",\n          \"size\": \"512\"\n        },\n        {\n          \"md3\": 
\"bf619eac0cdf3f68d496ea9344137e8b\",\n          \"name\": \".Kerbero\",\n          \"sha1\": \"5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5\",\n          \"size\": \"512\"\n        },\n        {\n          \"md3\": \"86759dc484cc49f4800f7f13a4df40d1\",\n          \"name\": \".Kerbero\",\n          \"sha1\": \"27d7d38a1cff80b297b1e4829cf6139af83a038e\",\n          \"size\": \"66048\"\n        }\n      ],\n      \"timestamp\": {\n        \"value\": \"2009-09-12 18:01:17\"\n      },\n      \"version\": {\n        \"value\": \"LegalCopyright:  \\nInternalName: rootwarez.org\\nFileVersion:  \\nCompanyName:  \\nLegalTrademarks:  \\nComments:  \\nProductName:  \\nProductVersion: 2.01\\nFileDescription:  \\nOriginalFilename:   .exe\\n\"\n      }\n    }\n  }\n}\n```\n\n### [Markdown](https://github.com/malice-plugins/totalhash/blob/master/docs/SAMPLE.md)\n\n---\n\n#### #totalhash\n\n| Found              | URL                                                                                    |\n| ------------------ | -------------------------------------------------------------------------------------- |\n| :white_check_mark: | [link](https://totalhash.cymru.com/analysis/?4af607a4ecf7885018ab5a788e8f0607b4fcb08b) |\n\n---\n\n## Documentation\n\n- [To write results to ElasticSearch](https://github.com/malice-plugins/totalhash/blob/master/docs/elasticsearch.md)\n- [To create a totalhash lookup micro-service](https://github.com/malice-plugins/totalhash/blob/master/docs/web.md)\n- [To post results to a webhook](https://github.com/malice-plugins/totalhash/blob/master/docs/callback.md)\n\n## Issues\n\nFind a bug? Want more features? Find something missing in the documentation? Let me know! 
Please don't hesitate to [file an issue](https://github.com/malice-plugins/totalhash/issues/new)\n\n## Contributing\n\n[See all contributors on GitHub](https://github.com/malice-plugins/totalhash/graphs/contributors).\n\nPlease update the [CHANGELOG.md](https://github.com/malice-plugins/totalhash/blob/master/CHANGELOG.md) and submit a [Pull Request on GitHub](https://help.github.com/articles/using-pull-requests/).\n\n## License\n\nMIT Copyright (c) 2016 **blacktop**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmalice-plugins%2Ftotalhash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmalice-plugins%2Ftotalhash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmalice-plugins%2Ftotalhash/lists"}