MalHash

MalHash queries malware intelligence sources using a provided hash. It checks VirusTotal and MalwareBazaar for file metadata, threat labels, antivirus detections, and known associations. A quick way to enrich an unknown sample or confirm if a hash is already known and classified in the wild.

Malware Hash Lookup

Figure 11: Malware Hash Lookup

The first time you run MalHash, you’ll be prompted to configure API keys for VirusTotal and MalwareBazaar if they’re not already set.