Once you have activated your UnpacMe account and signed in you can begin submitting files for analysis.

Supported Files

Currently UnpacMe supports both 32-bit and 64-bit PE files. The maximum file size is 100MB.

File Type

The file type is automatically determined upon submission when the Auto mode is selected. Additional file types may be available for selection depending on your Plan. If a specific file type is selected UnpacMe will force analysis of the file as this file type, this can result in errors if an incorrect file type is chosen.

ZIP Files

PE files can be submitted in a ZIP file if desired. The ZIP file must only contain a single PE file. The same 100MB size restriction applies to ZIP files.

Password protected ZIP files are also supported using the password infected.

Analysis Mode

UnpacMe supports two modes for analysis, Analyze, and MalwareID. The default mode is Analyze.

Analyze

Analyze mode (default) automatically determines the optimal path for analysis, including unpacking, malware identification, and configuration extraction. This is the correct mode to choose for triage of unknown samples.

MalwareID

MalwareID mode provides faster malware identification and configuration extraction for samples that do not require unpacking. This is the correct mode to choose for samples that do not require unpacking and simply need a malware identification and IOC extraction.

Public Submissions

By default submissions to UnpacMe are considered public. Details on our submission policy can be found in our Terms of Service.

Private Submissions

If your UnpacMe Plan supports private submissions you have the option of marking a sample as private prior to uploading it.

Global private submissions can also enabled using via Default Private setting in Account Settings. When the Default Private setting is enabled all submissions will be marked as private including submissions via the API.

Private Samples

Submissions that have been marked as private, their unpacked children, associated artifacts, and all associated metadata are only accessible to the submitter. Samples and metadata are retained for 30 days after which all data is purged. Shorter retention periods are available upon request.

Analysis ID

Once a sample has been submitted to UnpacMe the service will respond with an Analysis ID which can be used to track the status of the analysis and retrieve the results once the analysis has completed.

Automated Submissions

A programmatic interface for automated uploading is available with our API. Details for submission via API can be found on in our API documentation.