Skip to main content
GET
/
v1
/
victims
/
{victim_id}
Get a victim's full infection profile
curl --request GET \
  --url https://api.vantaprism.me/v1/victims/{victim_id} \
  --header 'api-key: <api-key>'
{
  "data": {
    "victim_id": "<string>",
    "log_victim_id": "<string>",
    "stealer_family": "<string>",
    "stealer_version": "<string>",
    "ip": "<string>",
    "country": "<string>",
    "os": "<string>",
    "computer_name": "<string>",
    "user_name": "<string>",
    "hwid": "<string>",
    "machine_id": "<string>",
    "log_date": "<string>",
    "malware_location": "<string>",
    "timezone": "<string>",
    "cpu_name": "<string>",
    "ram_total_bytes": 123,
    "anti_viruses": [
      "<string>"
    ],
    "installed_browsers": [
      "<string>"
    ],
    "installed_software": [
      "<string>"
    ],
    "has_system_password": true,
    "processes": [
      {}
    ]
  },
  "meta": {
    "request_id": "req_01HZXK3Q7N8YV6F3M2P9JABCDE",
    "took_ms": 42.7,
    "tier": "pro",
    "masked_fields": [
      "password",
      "ip"
    ],
    "freshness_at": "2023-11-07T05:31:56Z"
  }
}

Authorizations

api-key
string
header
required

Static API key, format vp_<env>_<8-hex-prefix>.<40-hex-secret>. Preferred header for server-to-server integrations.

Path Parameters

victim_id
string
required

SHA-256 victim_id (64 lowercase hex chars) or a log_victim_id from a previous search result. Unresolvable log_victim_id values return 404 NOT_FOUND.

Query Parameters

include_processes
boolean
default:false

Include the running-process list captured at infection time.

Response

Victim profile

data
object
required
meta
object
required

Metadata attached to every successful response.