API: Trusted Programs Query

Last Updated: 2020-10-28

Introduction

This web-based API is a source of meta data related to known good files that we have indexed. It includes about 80 different applications Note: Rate limiting by source IP is set to 10 queries per second.

Trusted Program

Returns a JSON response containing the details for the requested program. Replaces bin-test.shadowserver.org.

Sample query:

https://api.shadowserver.org/program/trusted?sample=7fe2248de77813ce850053ed0ce8a47

Sample

{
  "product_name": "Microsoft Windows Operating System",
  "source": "AppInfo",
  "os_version": "6.1",
  "fileversion": "6.1.7600.16385",
  "crc32": "23897C4C",
  "trusted_signature": "1",
  "description": "DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it",
  "binary": "1",
  "sig_trustfile": "C:\\Windows\\system32\\CatRoot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\\ntexe.cat",
  "os_name": "Microsoft Windows 7 Ultimate Service Pack 1 (build 7601), 64-bit",
  "language": "English",
  "filename": "ddodiag.exe",
  "reference": "os",
  "product_version": "6.1.7600.16385",
  "mfg_name": "Microsoft Corporation",
  "dirname": "c:\\Windows\\winsxs\\x86_microsoft-windows-ddodiag_31bf3856ad364e35_6.1.7600.16385_none_362ce835fe42421b",
  "os_mfg": "Microsoft Corporation",
  "application_type": "exe",
  "filesize": "36864",
  "signer": "Microsoft Windows",
  "sig_timestamp": "07/14/2009 03:17:39",
  "filetimestamp": "07/14/2009 01:14:16",
  "strongname_signed": "0",
  "source_version": "1.3",
  "bit": "32"
}

Our 86 Report Types