Blog VirusTotal

VirusTotal += Jiangmin

Today we're including the AV engine from Jiangmin, a Chinese antivirus company. I would like to thank Shaowen for his help during the integration of this engine.

Extra metadata field: PDFiD

We have added the Didier Stevens' PDFiD tool result in the VT reports. This is an interesting tool as it checks the PDF content to identify several keywords thay may help identifying potentially suspicious documents. He also included a reference about the keywords, explaining their meaning. I want to thank Didier for all his help in the integration of this cool tool.

Extra metadata field: RDS

We've just added a new metadata in the reports: the results of the Reference Data Set from NIST NSRL, a quite big set information of known files. Quoting from their web site: " The RDS is a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts. There are no hash values of illicit data, i.e. child abuse images. " I want to thank NIST people for giving us their permission to use this valuable resource.

VirusTotal += Antiy

Today we've included the Antiy-AVL engine from Antiy, a Chinese antivirus company. Thanks to Song Bing for helping in the integration of this scanner.

VirusTotal += nProtect

We've just added the nProtect engine from INCA Internet, a Korean antivirus company. It makes use of two engines: Tachyon (inhouse technology) and the BitDefender one.

VirusTotal -= Ewido

We've removed the Ewido engine from the list of the ones used at VirusTotal as it is has no more support as individual product. It was bought by AVG in 2006, and now it can only be 'found' as part of the AVG engine technology.