VirusTotal Graph

Explore VirusTotal's dataset visually, discover threat commonalities
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Navigate visually over VirusTotal's massive dataset

VirusTotal's backend generates rich relationships, revealing URLs from which files were downloaded, file containment details, parents of Portable Executables, domain-to-IP mappings, and more. These inter-item links form a graph, enabling users to discover new infrastructure and artifacts relevant to their investigations visually.

Semantic icons convey information concisely with file type icons based on detection level, country flags for network infrastructure, and relationship kind images.

Hover over any graph node to see a summary of the item with the most representative data from VirusTotal Intelligence.

Integration with VirusTotal Intelligence is seamless, allowing easy access to studied artifacts with a single click.

With Private Graph, confidentiality and privacy are ensured for investigations, and collaboration is possible in online cases while keeping the content private.

Custom Nodes in Private Graphs add user-specific information, such as identifying actors behind attacks displayed in the graph.

The "Find commonalities" feature quickly identifies common patterns in selected nodes.

VirusTotal Intelligence and Graph together provide relevant information for investigations, with Private Graphs displaying submission data per country and date.

Expand intelligence with additional relationships through VirusTotal Intelligence query, including email parents, embedded domains, and IP addresses.