ahnlab-tip-files
Fetch malicious files for the specified date range from the AhnLab TIP service.
ahnlab-tip-files [profile=PROFILE] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss] [order=ORDER]
- profile=PROFILE
- Optional. AhnLab TIP connect profile code
- duration=NUM{mon|w|d|h|m|s}
- Optional. Scan only recent data. You should use d(day) or mon(month) time unit. For example,
7dmeans data from 7 days earlier. - from=yyyyMMddHHmmss
- Optional. Start date (yyyyMMdd)
- to=yyyyMMddHHmmss
- Optional. End date (yyyyMMdd)
- order=ORDER
- Optional. Sort order (asc or desc, default: desc)
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | Time | Feed date |
| profile | String | Connect profile | AhnLab TIP connect profile code |
| signature | String | Signature | e.g. Infostealer/Win.Rhadamanthys.R737036 |
| file_type | String | File type | e.g. exe, dll |
| md5 | String | MD5 | e.g. 191b6f30398523596e76f6dad6e7ac44 |
| sha1 | String | SHA1 | e.g. c42dc3fd368e6001c784faff8e058e7fdd40de66 |
| sha256 | String | SHA256 | e.g. 92037f9ee6002e985c231bba8afe794e6e8c8604cbcdf14286e2e33bb33fc6fd |