checkHash

Article summary

Did you find this summary helpful?

Thank you for your feedback

Available in Classic and VPC

Use hash values to check a file or URL string for maliciousness with hash filter.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
GET	/checkHash

Request headers

For information about the headers common to all File Safer APIs, see Common File Safer API headers.

Request query parameters

The following describes the parameters.

Field	Type	Required	Description
`hashCode`	String	Required	Hash value to query
`hashType`	String	Required	Algorithm used to create the hash value to query `sha1` \| `md5`

Request example

The request example is as follows:

curl --location --request GET 'https://filesafer.apigw.ntruss.com/hashfilter/v1/checkHash
?hashCode=f093e7767bb63ac973b697d3fd1d40a78b87b8bf
&hashType=sha1' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-apigw-api-key: {API Gateway API Key}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`returnCode`	String	Required	Processing result code for the request
`returnMessage`	String	Required	Processing result message for the request
`totalRows`	Integer	Required	Number of objects for `hashCheckResultList`
`hashCheckResultList[]`	Array	Required	Detection results for the hash value queried If an object is in the list: malware If no objects are in the list: normal
`hashCheckResultList[].hashType`	String	Conditional	Algorithm used to create `hashCode` `sha1` \| `md5` Include only if detected as malware
`hashCheckResultList[].hashCode`	String	Conditional	Hash value detected as malware Include only if detected as malware
`hashCheckResultList[].group`	String	Conditional	Type of hash value detected as malware `file` \| `url` `file`: if the hash value is a file object `url`: if the hash value is a URL string Include only if detected as malware
`hashCheckResultList[].result`	String	Conditional	Whether the hash value queried was detected as malware `1` `1`: detected as malware Include only if detected as malware
`hashCheckResultList[].regDatetime`	Long	Conditional	Time the hash value was registered Include only if detected as malware

Response status codes

For information about the HTTP status codes common to all File Safer APIs, see File Safer response status codes.

Response example

The response example is as follows:

If malware is detected

The following is a sample response if malware is detected.

{
     "returnCode": "0",
     "returnMessage": "success",
     "totalRows": 1,
     "hashCheckResultList": [
        {
            "hashType": "sha1",
            "hashCode": "f093e7767bb63ac973b697d3fd1d40a78b87b8bf",
            "group": "file",
            "result": "1",
            "regDatetime": 1497409737000
         }
     ]
}

If malware is not detected

The following is a sample response if malware is not detected.

{
     "returnCode": "0",
     "returnMessage": "success",
     "totalRows": 0,
     "hashCheckResultList": [
     ]
}

Was this article helpful?

What's Next

getNotiConfig

Table of contents

Request
Response