Closed BlasterXiao closed 2 weeks ago
Hello @BlasterXiao,
You can use the following command to query a file's behaviour analyses:
$ vt file behaviours <hash>
if you want only certain attributes, you can filter using the --include
option:
$ vt file behaviours f181fdeca6547a1c826f6c2999fd7b61bb8e492eb4e6611a0472bbb3b15fa1d9 --include services_opened,services_started
- services_opened:
- "PcaSvc"
- "WinDefend"
services_started:
- "WSearch"
- "msiserver"
- "SecurityHealthService"
- "PcaSvc"
I hope it helps.
Regards, Marta
I'm closing this issue for the moment, feel free to reopen if necessary.
Query for Sandbox Behavior Fields in vt-cli
Issue Description
I'm trying to use the VirusTotal Command Line Interface (vt-cli) to query specific sandbox behavior fields for a file or URL analysis. However, I'm not sure about the correct syntax or commands to achieve this.
Questions
Environment
Additional Context
I've tried looking through the vt-cli documentation, but I couldn't find specific information about querying sandbox behavior fields. Any guidance or examples would be greatly appreciated.
Thank you for your help!