VirusTotal.com, possibly the best malware analysis service on the web, has an application for Windows called “VT Uploader” which sends a selected file to VirusTotal.com for analysis. Unfortunately they don’t have a similar program for OSX… Well, here is how I implemented the same functionality using Automator in OSX.
First off you need an API key for VirusTotal.com, which you get by registering on the website (found in your Inbox -> Public API).
Second you need the Python script from Bryce Boe that uploads a file to VirusTotal.com. Make sure that you put your API key into the code (API_KEY variable) and run it from the command line to make sure that you have all the Python dependencies:
$ /usr/bin/python virustotal_report.py eicar.com
You can download the simplejson dependency by using the easy_install utility like this:
$ sudo easy_install simplejson
Once you have the prerequisites, start a new “Service” project in Automator. Create a new “Run Shell Script” action and choose the shell “/usr/bin/python”. Paste the code from Bryce Boe’s site in the “Run Shell Script” editor.
Select “Pass input: as arguments” on the top right of the action window.
Finally you select “Service receives selected files or folders in Finder”.
Save the project as “Send to Virustotal”, and you have a nice menu item for it in Finder.
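An alternative body for the “Run Shell Script” action, added here as an example (it is not Bryce Boe’s script or code from the original post): it looks up each selected file’s SHA-256 instead of uploading the file, so only the hash is sent and the upload stays a separate decision. It assumes Python 3, the VirusTotal API v3 file-report endpoint, and an API key in a `VT_API_KEY` environment variable (a hypothetical name).

```python
import hashlib
import json
import os
import sys
import urllib.error
import urllib.request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # assumption: API v3 lookup


def collect_files(paths):
    """Expand a Finder selection: folders become their files, symlinks are skipped."""
    found = []
    for path in paths:
        if os.path.isdir(path) and not os.path.islink(path):
            for root, _dirs, names in os.walk(path):
                found.extend(os.path.join(root, n) for n in sorted(names))
        else:
            found.append(path)
    return [f for f in found if os.path.isfile(f) and not os.path.islink(f)]


def sha256_of(path, chunk=1 << 20):
    """Hash in chunks so large files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_report_request(api_key, sha256):  # only the hash leaves the machine
    return urllib.request.Request(VT_FILE_URL.format(sha256), headers={"x-apikey": api_key})


def main(argv):
    api_key = os.environ["VT_API_KEY"]  # hypothetical variable name
    for path in collect_files(argv):
        digest = sha256_of(path)
        try:
            with urllib.request.urlopen(build_report_request(api_key, digest), timeout=30) as resp:
                stats = json.load(resp)["data"]["attributes"]["last_analysis_stats"]
            print(digest, path, "malicious=%d" % stats["malicious"])
        except urllib.error.HTTPError as err:  # 404: hash unknown to VirusTotal
            print(digest, path, "HTTP %d" % err.code)


if __name__ == "__main__":
    main(sys.argv[1:])
```

Because the service receives files or folders, the script expands folders itself; a 404 response means VirusTotal has never seen that hash.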
Until next time.