The File Hash Analyzer API provides a lightweight and fast way to check if a file hash (MD5 or SHA256) is malicious, safe, or unknown. It integrates MalwareBazaar intelligence feeds and allows crowdsourced reporting to keep the database growing. Perfect for SIEM tools, SOC dashboards, malware sandboxes, and email gateways.
Base URL:
https://file-hash-analyzer-api.p.rapidapi.com
Authentication:
x-rapidapi-key: Your RapidAPI keyx-rapidapi-host:https://file-hash-analyzer-api.p.rapidapi.com
Method: GET or POST
Description: Query the database for a hash to check if it’s known malicious, safe, or unknown.
Request Parameters (GET)
| Parameter | Type | Required | Description |
|---|---|---|---|
| hash | string | Yes | Hash to check (MD5 or SHA256) |
| algorithm | string | No | md5 or sha256. Auto-detected if omitted |
Request Body (POST)
{
"hash": "e99a18c428cb38d5f260853678922e03",
"algorithm": "md5"
}Response (200 OK)
{
"hash": "e99a18c428cb38d5f260853678922e03",
"algorithm": "md5",
"verdict": "malicious",
"tags": ["agenttesla"],
"source": "MalwareBazaar-AgentTesla",
"votes": 3
}Response (404 Not Found)
{
"hash": "unknownhash",
"algorithm": "sha256",
"verdict": "unknown",
"tags": [],
"source": null
}Errors
400→ Invalid hash or unsupported algorithm500→ Internal server error
Method: POST
Description: Crowdsource a hash, adding a new entry or updating an existing one.
Request Body
{
"hash": "e99a18c428cb38d5f260853678922e03",
"algorithm": "md5",
"verdict": "malicious",
"tags": ["agenttesla", "keylogger"],
"source": "user-report"
}Response Examples
- 201 Created (new entry added)
{
"status": "created",
"entry": { ...HashEntry object... }
}- 200 OK (existing entry updated)
{
"status": "updated",
"entry": { ...HashEntry object... }
}- 200 OK (merge votes due to integrity error)
{
"status": "merged",
"entry": { ...HashEntry object... }
}Errors
400→ Unsupported or undetectable hash500→ Internal server error
- Supported hash algorithms:
md5,sha256. - Tags are lowercase, comma-separated strings (e.g.,
"agenttesla,keylogger").
Analyze hash (GET)
curl -X GET "https://file-hash-analyzer-api.p.rapidapi.com/analyze?hash=<md5_or_sha256>" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY"Analyze hash (POST)
curl -X POST "https://file-hash-analyzer-api.p.rapidapi.com/analyze" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
-H "Content-Type: application/json" \
-d '{"hash":"<hash>", "algorithm":"md5"}'Report a hash
curl -X POST "https://file-hash-analyzer-api.p.rapidapi.com/report" \
-H "x-rapidapi-key: YOUR_RAPIDAPI_KEY" \
-H "Content-Type: application/json" \
-d '{"hash":"<hash>","verdict":"malicious","tags":["agenttesla"]}'