DEV Community

Cover image for Discover The File Hash Analyzer API
Dakidarts profile image Etuge Anselm
Etuge Anselm for Dakidarts

Posted on

Discover The File Hash Analyzer API

#api #rapidapi #dakidarts #cybersecurity

The File Hash Analyzer API provides a lightweight and fast way to check if a file hash (MD5 or SHA256) is malicious, safe, or unknown.
It integrates MalwareBazaar intelligence feeds and allows crowdsourced reporting to keep the database growing.
Perfect for SIEM tools, SOC dashboards, malware sandboxes, and email gateways.

File Hash Analyzer API

Base URL:

https://file-hash-analyzer-api.p.rapidapi.com
Enter fullscreen mode Exit fullscreen mode

Authentication:

  • x-rapidapi-key: Your RapidAPI key
  • x-rapidapi-host: https://file-hash-analyzer-api.p.rapidapi.com

1️⃣ /analyze — Analyze a hash

Method: GET or POST
Description: Query the database for a hash to check if it’s known malicious, safe, or unknown.

Request Parameters (GET)

Parameter Type Required Description
hash string Yes Hash to check (MD5 or SHA256)
algorithm string No md5 or sha256. Auto-detected if omitted

Request Body (POST)

{
  "hash": "e99a18c428cb38d5f260853678922e03",
  "algorithm": "md5" 
}
Enter fullscreen mode Exit fullscreen mode

Response (200 OK)

{
  "hash": "e99a18c428cb38d5f260853678922e03",
  "algorithm": "md5",
  "verdict": "malicious",
  "tags": ["agenttesla"],
  "source": "MalwareBazaar-AgentTesla",
  "votes": 3
}
Enter fullscreen mode Exit fullscreen mode

Response (404 Not Found)

{
  "hash": "unknownhash",
  "algorithm": "sha256",
  "verdict": "unknown",
  "tags": [],
  "source": null
}
Enter fullscreen mode Exit fullscreen mode

Errors

  • 400 → Invalid hash or unsupported algorithm
  • 500 → Internal server error

2️⃣ /report — Report a hash

Method: POST
Description: Crowdsource a hash, adding a new entry or updating an existing one.

Request Body

{
  "hash": "e99a18c428cb38d5f260853678922e03",
  "algorithm": "md5",
  "verdict": "malicious",
  "tags": ["agenttesla", "keylogger"],
  "source": "user-report"
}
Enter fullscreen mode Exit fullscreen mode

Response Examples

  • 201 Created (new entry added) 
{
  "status": "created",
  "entry": { ...HashEntry object... }
}
Enter fullscreen mode Exit fullscreen mode
  • 200 OK (existing entry updated) 
{
  "status": "updated",
  "entry": { ...HashEntry object... }
}
Enter fullscreen mode Exit fullscreen mode
  • 200 OK (merge votes due to integrity error) 
{
  "status": "merged",
  "entry": { ...HashEntry object... }
}
Enter fullscreen mode Exit fullscreen mode

Errors

  • 400 → Unsupported or undetectable hash
  • 500 → Internal server error

💡 Notes

  • Supported hash algorithms: md5, sha256.
  • Tags are lowercase, comma-separated strings (e.g., "agenttesla,keylogger").

🔗 Example curl requests

Analyze hash (GET)

curl -X GET "https://file-hash-analyzer-api.p.rapidapi.com/analyze?hash=<md5_or_sha256>" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY"
Enter fullscreen mode Exit fullscreen mode

Analyze hash (POST)

curl -X POST "https://file-hash-analyzer-api.p.rapidapi.com/analyze" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
-H "Content-Type: application/json" \
-d '{"hash":"<hash>", "algorithm":"md5"}'
Enter fullscreen mode Exit fullscreen mode

Report a hash

curl -X POST "https://file-hash-analyzer-api.p.rapidapi.com/report" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
-H "Content-Type: application/json" \
-d '{"hash":"<hash>","verdict":"malicious","tags":["agenttesla"]}'
Enter fullscreen mode Exit fullscreen mode

Top comments (0)