AbuseCH Malware Bazaar Integration
An integration for AbuseCH Malware Bazaar would be very useful for Siemplify customers.
AbuseCH Malware Bazaar - https://bazaar.abuse.ch/
Somewhat similar to VirusTotal, the AbuseCH Malware Bazaar is a project to collect and share malware samples. However, it also includes many integrations that help analysts make determinations on the samples/hashes they seek information for. With partners like ReversingLabs, Intezer, Any.Run, UnpacMe, Hatching, JoeSecurity, and others, analysts get a much better picture of what they are analyzing.
Best of all, it is a free service that benefits all of security. You don't even need an API key to query all the information the Malware Bazaar has to offer.
The API (https://bazaar.abuse.ch/api/) has many query types, so you are not limited to just hashes. Query types include: hash, tag, signature, ClamAV signature, imphash, TLSH, telfhash, YARA rule (name), Code Signing Certificate Issuer CN, Code Signing Certificate Subject CN, etc.
Other features include the ability to download the malware sample (for free).
Sample uploads are available as well, but will require a Twitter account.