MalwareHash.com SDK
Posted by admin on Saturday, December 3rd, 2011
We have made available to our users the SDK to use our API service.
Users can download the SDK from their Dashboard.
Documentation of the SDK:
//////////////////////////////////////////////////////////////////////////////
/////////////////// MalwareHash Function Definitions ////////////////////////
/////////////////////////////////////////////////////////////////////////////

/*
    Validates an API Key in order to use the MalwareHash.com service

    Returns TRUE if the key is valid and has remaining request queries
    Returns FALSE if the key is either invalid or there are no remaining queries left
*/
typedef BOOL (__stdcall *PIsAPIKeyValid)(char* APIKey);

/*
    Checks a single MD5 digest Hash

    Returns TRUE if the MD5 Hash is listed in the database and flagged as malware
    Returns FALSE if the MD5 Hash is not located in the database
*/
typedef BOOL (__stdcall *PMalwareHashSingle)(char* APIKey, char* MD5Hash);

/*
    Checks Multiple MD5 digest Hashes against the server database

    Returns TRUE if there is no request errors
    Returns FALSE if there is a request error

    Note: After calling this API the "bDetected" member of the FixedMultiHash
    structure array will be set to TRUE for MD5 Hashes which are flagged by the
    database as malware, FALSE for those that are not.

    The reason this API primarily exists is due to the fact that you can
    optionally send up to 250 MD5 Hashes to the server all in one request which
    would only eat 1 user query for your API Key. Calling MalwareHashSingle()
    on each of the 250 Hashes would require 250 queries!
*/
typedef BOOL (__stdcall *PMalwareHashMulti)(char* APIKey, FixedMultiHash* MD5Hashes);

/*
    Ansi - Returns TRUE if lpFileName can be hashed via MD5 digest (internal
    operation) and the server locates this MD5 Hash in its database

    Returns FALSE if lpFileName for some reason cannot be hashed or the
    successful hash is not present in the server database
*/
typedef BOOL (__stdcall *PMalwareHashSingleFileA)(char* APIKey, char* lpFileName);

/*
    Unicode - Returns TRUE if lpFileName can be hashed via MD5 digest (internal
    operation) and the server locates this MD5 Hash in its database

    Returns FALSE if lpFileName for some reason cannot be hashed or the
    successful hash is not present in the server database
*/
typedef BOOL (__stdcall *PMalwareHashSingleFileW)(char* APIKey, WCHAR* lpFileName);

/*
    Ansi - Checks Multiple MD5 digest Hashes against the server database but
    only requires full-path FILENAMES

    This function is offered for extreme flexibility since all that is required
    to communicate with the server is a valid API Key and a list (array) of
    filenames, the MD5 hashing is done internally for you

    Returns TRUE if there is no request errors
    Returns FALSE if there is a request error

    Note: After calling this API the "bDetected" member of the
    FixedFileHashEntryA structure will be set to TRUE for MD5 Hashes which are
    flagged by the database as malware, FALSE for those that are not. Also, any
    files which are successfully hashed will output their MD5 hash to the
    "cHash" member of the FixedFileHashEntryA structure variable.

    The reason this API primarily exists is due to the fact that you can
    optionally send up to 250 MD5 Hashes to the server all in one request which
    would only eat 1 user query for your API Key. Calling
    MalwareHashSingleFileA() on each of the 250 filenames would require 250
    queries!
*/
typedef BOOL (__stdcall *PMalwareHashMultiFileA)(char* APIKey, FixedFileHashEntryA* FileNames);

/*
    Unicode - Checks Multiple MD5 digest Hashes against the server database but
    only requires full-path FILENAMES

    This function is offered for extreme flexibility since all that is required
    to communicate with the server is a valid API Key and a list (array) of
    filenames, the MD5 hashing is done internally for you

    Returns TRUE if there is no request errors
    Returns FALSE if there is a request error

    Note: After calling this API the "bDetected" member of the
    FixedFileHashEntryW structure will be set to TRUE for MD5 Hashes which are
    flagged by the database as malware, FALSE for those that are not. Also, any
    files which are successfully hashed will output their MD5 hash to the
    "cHash" member of the FixedFileHashEntryW structure variable.

    The reason this API primarily exists is due to the fact that you can
    optionally send up to 250 MD5 Hashes to the server all in one request which
    would only eat 1 user query for your API Key. Calling
    MalwareHashMultiFileW() on each of the 250 filenames would require 250
    queries!
*/
typedef BOOL (__stdcall *PMalwareHashMultiFileW)(char* APIKey, FixedFileHashEntryW* FileNames);
Examples in C and Delphi are included.
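The notes above say one multi-hash request carries up to 250 MD5 hashes and costs a single query. The following is an added example, not part of the SDK: it validates and de-duplicates digests before submission and works out how many queries a list will consume. All function names here are hypothetical, and filling the SDK's FixedMultiHash array is left out because its layout is not shown on this page.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MD5_HEX_LEN 32
#define MAX_PER_REQUEST 250 /* per-request limit stated in the SDK notes */

/* Returns 1 if s is exactly 32 hexadecimal characters, else 0. */
int is_md5_hex(const char *s) {
    if (s == NULL || strlen(s) != MD5_HEX_LEN) return 0;
    for (size_t i = 0; i < MD5_HEX_LEN; i++)
        if (!isxdigit((unsigned char)s[i])) return 0;
    return 1;
}

/* Copies well-formed digests from in[] to out[], lowercased, skipping
   malformed entries and duplicates. Returns the number kept. */
size_t normalize_hashes(const char **in, size_t n, char out[][MD5_HEX_LEN + 1]) {
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        char tmp[MD5_HEX_LEN + 1];
        size_t j;
        if (!is_md5_hex(in[i])) continue;
        for (j = 0; j < MD5_HEX_LEN; j++)
            tmp[j] = (char)tolower((unsigned char)in[i][j]);
        tmp[MD5_HEX_LEN] = '\0';
        for (j = 0; j < kept; j++) /* linear scan is fine for small lists */
            if (memcmp(out[j], tmp, MD5_HEX_LEN) == 0) break;
        if (j == kept) memcpy(out[kept++], tmp, sizeof tmp);
    }
    return kept;
}

/* Queries consumed when `count` digests are sent in batches of up to 250. */
size_t queries_needed(size_t count) {
    return (count + MAX_PER_REQUEST - 1) / MAX_PER_REQUEST;
}

/* Sets *start to the first index of batch b and returns the batch length
   (0 when b is past the end of the list). */
size_t batch_range(size_t count, size_t b, size_t *start) {
    *start = b * MAX_PER_REQUEST;
    if (*start >= count) return 0;
    size_t left = count - *start;
    return left < MAX_PER_REQUEST ? left : MAX_PER_REQUEST;
}
```

Dropping malformed and duplicate digests before batching keeps them from occupying slots in a request that is charged against the API key's query allowance.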