Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Heads-up: VirusTotal Functionality in Sysinternals Tools Not Working SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Heads-up: VirusTotal Functionality in Sysinternals Tools Not Working

A quick heads-up to those of you that use Sysinternals tools like Process Explorer to check PE files on VirusTotal: this is not working for the moment.

We've had reports and saw Tweets about this issue in the past days.

We confirm there is an issue: a check for notepad.exe with Process Explorer results in a not-found reply:

{"data": [{"found": false, "hash": "C401CD335BA6A3BDAF8799FDC09CDC0721F06015"}], "result": 1}

Let's hope this gets sorted out after the weekend.

Update: I was asked how I obtained VirusTotal's not-found reply. I used a debugging proxy server (Fiddler), details are in this video:

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

DidierStevens

520 Posts
ISC Handler
Dec 20th 2020
Thank You Didier and SANS and ISC :) you are the best
A Happy Merry Christmas for all.
Please take care
Carlos A. from PT :)
netmanzim
Netmanzim

63 Posts
Thank you! :-)
DidierStevens

520 Posts
ISC Handler
:( Still not working
Netmanzim

63 Posts
from VT : "There are some issues with the sysinternals VT integration. We are working with the sysinternals team to try to find a solution.
Unfortunately we don't have an estimated date on when this will be resolved."
Netmanzim

63 Posts
sorry duplicate
Netmanzim

63 Posts
It´s working, up and running :) thank you to all
Netmanzim

63 Posts

Sign Up for Free or Log In to start participating in the conversation!