get https://www.virustotal.com/api/v3/intelligence/hunting_notification_files
Each file object returned, in addition to all the file details, has a context_attributes
property that contains information about the VT Hunting Livehunt notification tied to the file, this is an example:
"context_attributes": {
"match_in_subfile": false,
"notification_date": 1543301214,
"notification_id": "961092289288866-4582222113734656-3c7f77cc43338e14824c111671beef30",
"notification_snippet": "00 61 64 64 41 75 64 69 6F [...]",
"notification_source_key": "b3190c38",
"notification_tags": [
"bozok",
"rats",
"a2d2906f7ad5265165c25baed76d342b48b8bc5f4d9db6004e9e6dd72eaea4e1"
],
"ruleset_id": "5706526672224256",
"ruleset_name": "rats",
"rule_name": "Bozok",
"rule_tags": [],
}
Other than that, the filter
parameter allows to filter the matching files according to the VT Hunting Livehunt notification properties. You can filter by the name of the matching rule, match date, rule namespace, ruleset or file hash. Notice however that this only works with the exact keyword, not substrings of it.
For more information check the user's hunting_notification_files relationship.