NGFCTI

Download 99
Last updated Aug 5, 2023

ngfcti-malware-urls

Get malware deployment URLs from NGFCTI service.

ngfcti-malware-urls [proxy=PROXY] [duration=NUM{mon|w|d}] [from=yyyyMMdd] [to=yyyyMMdd] [raw=t]
proxy=PROXY
Proxy server setting If not specified, send feed requests directly without proxy server. e.g. IP:PORT
duration=NUM{mon|w|d|h|m|s}
Scan only recent data. You should use d(day), mon(month) time unit. For example, 1d means data from 1 day earlier. if not specified, the time is set based on 'from'
from=yyyyMMdd
Start date of range. yyyyMMdd format. if not specified, it is set to current date.
to=yyyyMMdd
End date of range. yyyyMMdd format. if not specified, it is set to current date.
raw=t
If 't' is specified, output the JSON data to the raw field.

Output Fields

FieldTypeNameDescription
tlp_nameStringTLP Namee.g. green
urlStringMalware URL
md5StringMalware MD5
sha1StringMalware SHA1
sha256StringMalware SHA256
publisherStringPublisher
guidStringGUID
stix_idStringSTIX ID
createdDateCreated
updatedDateUpdated
rawStringRaw dataOnly if raw=t