VirusShare Hash Library Creator

363968

OpenText OpenText Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

OpenText | OpenText Community

This script creates an EnCase hash-library from the VirusShare hash-lists available to download from https://virusshare.com.

1,010 downloads

Product compatibility

EnCase App Central

Description

This script creates an EnCase hash-library from the VirusShare hash-lists available to download from https://virusshare.com.

The lists are generated from VirusShare.com's collection of malware samples, which are available to download via BitTorrent.

At the time of writing this, the regular VirusTotal hash-lists comprise 370+ files containing a total of 340M+ hashes.

Accordingly, the script will take some time to run. During this time progress can be monitored via the console-window and status-bar.

Please note that the VirusShare.com malware-collection is known to contain some false positives.

Should this prove problematic, the examiner might wish to consider using a second hash-library, one containing an accurate list of known files, e.g., NIST's National Software Reference Library (NSRL).

The Hash List Importer EnScript can be used to create a hash library from the NSRL NDS hash-set, the minimal set being the recommended one.

The Hash Calculator Plugin EnScript can be used to send a file's SHA-256 hash to VirusTotal.

For additional information, please see the following Twitter post:

https://twitter.com/SimonDCKey/status/1367755055286415361

This script was developed for use in EnCase training. For more details, please click the following link:

OpenText EnCase Training

Releases

Release

Size

Date

VirusShare Hash Library Creator 2.0.0

Aug 1, 2024

More info Less info

Product compatibility

Release notes

Tested with:
EnCase Forensic 21.01.00.68

Languages

English

Files

Marketplace

Marketplace

VirusShare Hash Library Creator

Product compatibility

CATEGORY

Description

Releases

Sign in

Marketplace

VirusShare Hash Library Creator

App Support Tiers

Product compatibility

CATEGORY

Description

Releases

Unsubscribe from notifications

Marketplace Terms of Service

Your download has begun