#9 compute file hash if no hash is given with the file

TheHive-Project · Feb 17, 2017 · 8eaf0bc · 8eaf0bc
1 parent 7ce8d22
commit 8eaf0bc
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/analyzers/VirusTotal/virustotal.py b/analyzers/VirusTotal/virustotal.py
@@ -5,6 +5,7 @@
 import json
 import codecs
 import time
+import hashlib
 
 from virustotal_api import PublicApi as VirusTotalPublicApi
 from cortexutils.analyzer import Analyzer
@@ -117,11 +118,18 @@ def run(self):
                 data = self.getParam('data', None, 'Data is missing')
                 self.report(self.check_response(self.vt.get_ip_report(data)))
             elif self.data_type == 'file':
+
                 hashes = self.getParam('attachment.hashes',
-                                       None, 'Hash is missing')
+                                    None)
+                if hashes is None:
+                    filepath = self.getParam('file', None, 'File is missing')
+                    hash = hashlib.sha256(open(filepath, 'r').read()).hexdigest();
+                else:
                 # find SHA256 hash
-                hash = next(h for h in hashes if len(h) == 64)
+                    hash = next(h for h in hashes if len(h) == 64)
+
                 self.report(self.check_response(self.vt.get_file_report(hash)))
+
             elif self.data_type == 'hash':
                 data = self.getParam('data', None, 'Data is missing')
                 self.report(self.check_response(self.vt.get_file_report(data)))