IntegrationsBlogContact

Abuse.ch

Enrich file hashes with malware and botnet indicators from abuse.ch.

Malfors graph showing abuse.ch enrichment results for a file hash

Overview

abuse.ch tracks malware and botnet activity and publishes indicators that can be used to investigate suspicious files and infrastructure.

Malfors uses abuse.ch to enrich file hashes in your graph with malware reports and related indicator details when they are available.

This helps you see whether a hash is tied to known malware activity, so you can decide if it needs deeper analysis or correlation with other evidence.

Configure

  1. Create an abuse.ch account and generate your API key.
  2. In Malfors, open Enrichments → Abuse.ch → Add Token.
  3. Paste your token into the field and save.
  4. Abuse.ch enrichments are now available.
Built byMalfors
Websiteabuse.ch