VirusTotal Launches Endpoint That Explains Code Functionality for Malware Analysts

Virustotal today unveiled a powerful addition to its Code Insight suite: a dedicated API endpoint that accepts code snippets—either disassembled or decompiled—and returns succinct summaries and detailed descriptions tailored for malware analysts.

Launched over two years after the debut of Code Insight at RSA 2023, this endpoint represents a significant step toward automating reverse engineering workflows and integrating AI-driven analysis directly into popular disassembly tools.

Traditional reverse engineering requires analysts to manually trace code paths, infer behavior, and document findings—often a tedious process when dealing with complex or obfuscated binaries.

Virustotal’s new endpoint, api/v3/codeinsights/analyse-binary, dramatically reduces this burden by:

1. Receiving a Base64-encoded code block and its type (disassembled or decompiled).
2. Optionally ingesting a history of prior queries and analyst-edited responses to provide context.
3. Returning two fields:
   • summary: a high-level view of the function’s purpose.
   • description: a step-by-step explanation of ...