-
Notifications
You must be signed in to change notification settings - Fork 11
API: Trusted Programs Query
elsif2 edited this page Aug 30, 2024
·
2 revisions
Last Updated: 2020-10-28
This web-based API is a source of meta data related to known good files that we have indexed. It includes about 80 different applications Note: Rate limiting by source IP is set to 10 queries per second.
An API key is not required for this module.
Returns a JSON response containing the details for the requested program. Replaces bin-test.shadowserver.org.
Sample query:
https://api.shadowserver.org/program/trusted?sample=7fe2248de77813ce850053ed0ce8a474
Example:
{
"product_name" : "Microsoft Windows Operating System",
"source" : "AppInfo",
"sha512" : "F61BEA0DC281B56B563ED32331938EFC9BF6D7A3C9CAB3273103D2FD95A73C2492E31F2C64119651E5ABFE8F3A881317C3D3B81BAA2229B3CF01E4991EBFE8FC",
"os_version" : "6.1",
"fileversion" : "6.1.7600.16385",
"crc32" : "23897C4C",
"trusted_signature" : "1",
"description" : "DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it",
"binary" : "1",
"sig_trustfile" : "C:\\Windows\\system32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\ntexe.cat",
"os_name" : "Microsoft Windows 7 Ultimate Service Pack 1 (build 7601), 64-bit",
"language" : "English",
"filename" : "ddodiag.exe",
"reference" : "os",
"product_version" : "6.1.7600.16385",
"mfg_name" : "Microsoft Corporation",
"dirname" : "c:\\Windows\\winsxs\\x86_microsoft-windows-ddodiag_31bf3856ad364e35_6.1.7600.16385_none_362ce835fe42421b",
"os_mfg" : "Microsoft Corporation",
"application_type" : "exe",
"filesize" : "36864",
"signer" : "Microsoft Windows",
"sig_timestamp" : "07/14/2009 03:17:39",
"filetimestamp" : "07/14/2009 01:14:16",
"strongname_signed" : "0",
"source_version" : "1.3",
"bit" : "32"
}