Look up full victim records by victim ID

curl --request POST \ --url https://api.vantaprism.me/v1/search/stealer-id \ --header 'Content-Type: application/json' \ --header 'api-key: <api-key>' \ --data ' { "stealers": [ "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08" ], "filter_credentials": true } '

{ "data": [ { "victim_id": "<string>", "log_victim_id": "<string>", "stealer_family": "<string>", "stealer_version": "<string>", "ip": "<string>", "country": "<string>", "os": "<string>", "computer_name": "<string>", "user_name": "<string>", "hwid": "<string>", "machine_id": "<string>", "log_date": "<string>", "malware_location": "<string>", "timezone": "<string>", "cpu_name": "<string>", "ram_total_bytes": 123, "anti_viruses": [ "<string>" ], "installed_browsers": [ "<string>" ], "installed_software": [ "<string>" ] } ], "meta": { "request_id": "req_01HZXK3Q7N8YV6F3M2P9JABCDE", "took_ms": 42.7, "tier": "pro", "masked_fields": [ "password", "ip" ], "freshness_at": "2023-11-07T05:31:56Z" }, "nextCursor": "<string>" }

Authorizations

api-key

string

header

required

Static API key, format vp_<env>_<8-hex-prefix>.<40-hex-secret>. Preferred header for server-to-server integrations.

Body

application/json

stealers

string[]

required

Victim IDs — SHA-256 victim_id hashes and/or log_victim_id values, in any mix.

Minimum array length: 1

Example:

[
  "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
]

filter_credentials

boolean

default:false

When true, only return victims that have at least one stored credential.

sort_direction

enum<string>

default:desc

Sort order applied to inserted_at. Must stay constant across paginated requests using the same cursor.

Available options:

asc,

desc

cursor

string | null

limit

integer

default:25

Required range: 1 <= x <= 500

Response

Victim records

data

object[]

required

Show child attributes