msticpy.context.vtlookupv3.vtfile_behavior module
VirusTotal File Behavior functions.
- class msticpy.context.vtlookupv3.vtfile_behavior.SIProcess(process_id: str, name: str, cmd_line: str, parent_id: int = - 1, proc_key: Optional[str] = None, parent_key: Optional[str] = None, path: Optional[str] = None, IsRoot: bool = False, IsLeaf: bool = False, IsBranch: bool = False, children: list = [], time_offset: int = 0)
Bases:
object
Data class to hold each process from detonation.
Method generated by attrs for class SIProcess.
- class msticpy.context.vtlookupv3.vtfile_behavior.VTFileBehavior(vt_key: Optional[str] = None, file_id: Optional[str] = None, file_summary: Optional[Union[DataFrame, Series, Dict[str, Any]]] = None)
Bases:
object
VirusTotal File Behavior class.
Initialize the VTFileBehavior class.
- Parameters
vt_key (str, optional) – VirusTotal API key, by default None
file_id (Optional[str], optional) – The ID of the file to look up, by default None
file_summary (Optional[Union[pd.DataFrame, pd, Series, Dict[str, Any]]], optional) – VT file summary - this can be in one of the following formats: VT object dictionary Pandas DataFrame - first row is assumed to be the file summary Pandas Series by default None