Posted by: Dan O'Connor
VirusTotal now allows you to send pcap (packet capture) files directly to them.
Here is one of the examples of what you can send that they provided.
VirusTotal is an excellent tool, and this provides a handy place to send traffic that you have captured from your network or sandbox for quick analysis.
Just a quick word of caution on sending samples, and now pcap files, to sites like VirusTotal. While it is handy to have the searchable analysis, remember that anyone can search those results. If you happen to be part of a targeted attack, you could be tipping your hand to the attacker. They can be searching sites like this for IPs and hashes involved in their attack. Once the attacker knows that they have been discovered, they could do anything, including damaging systems in an effort to cover up.
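A pre-upload check for the caution above, as an added example that is not part of the original post: it reports the file's SHA-256 and the IPv4 addresses a classic Ethernet pcap contains, so you can see which indicators would become searchable before you share it. The function names and the one-packet sample capture (10.0.0.5 to 8.8.8.8) are constructed for illustration; pcapng and non-Ethernet captures are not handled.

```python
import hashlib
import ipaddress
import struct


def pcap_exposure(data: bytes) -> dict:
    """Summarise what a classic pcap would disclose if uploaded publicly."""
    magic = data[:4]
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):    # little-endian writer
        endian = "<"
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):  # big-endian writer
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    if linktype != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    public, internal = set(), set()
    offset = 24  # first packet record follows the 24-byte global header
    while offset + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[offset + 8:offset + 12])[0]
        frame = data[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        # Ethernet header is 14 bytes; EtherType 0x0800 means IPv4.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        for raw in (frame[26:30], frame[30:34]):  # IPv4 source, destination
            ip = ipaddress.IPv4Address(raw)
            (public if ip.is_global else internal).add(str(ip))
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "public_ips": sorted(public), "internal_ips": sorted(internal)}


def sample_pcap() -> bytes:
    """Constructed one-packet capture: 10.0.0.5 -> 8.8.8.8 (sample values)."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    ipv4 = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0, 10, 0, 0, 5, 8, 8, 8, 8])
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ipv4
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return header + record + frame


if __name__ == "__main__":
    print(pcap_exposure(sample_pcap()))
```

Addresses listed under `internal_ips` reveal your own network layout, and those under `public_ips` are the ones an attacker watching the service could recognise as theirs.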