Search

Getting Started

The UnpacMe search interface provides a powerful tool to explore our malware database. In addition to file hashes (sha256, sha1, md5) predefined search terms can be used to search for samples based on a wide array of features. Available search terms are categorized in the Search Help menu below the

Search Terms

Search terms can be used to search for samples based on a wide array of features. A list of available search terms can be found in the Search Help menu below the search bar. Common terms are listed at the top with for easy access. Term Prefix When using a

Lookback Window

The search lookback window defines the amount of historical data that will be included in a search. The lookback window default is 12-weeks, providing a view of the past 12 weeks of data. Plans that provide access to an Unlimited lookback window allow searching of our full malware corpus.

Search Limitations

Search queries have the following limitations. * A maximum of 10 terms are supported per search * Search results are capped at 1000 matches in reverse chronological order. Additional matches will be discarded. * Newly submitted samples may take up to 60 minutes before they are searchable.

Search Matches

A count of matches from the search are displayed at the top of the search results. The matches view can be expanded to view details about each term in the search. In addition to the match count per term the effective lookback window is also provided. The effective lookback window

Results Insights

Search insights provide a quick overview of the results returned by the search. Insights can be used to identify trends in the results as well as filter the results table. 1. Tags The tags distribution graph displays a list of tags assigned to the search matches and their frequency in

Results Filter

Search results can be refined by applying filters. Filters are available for tags and yara labels associated with the results. To apply a filter simply click the tag, or yara label and select the desired filter action. When multiple filters are selected an implicate AND is used to combine them

Results Table

Search matches are displayed in the results table. The results table includes information about each match and can be sorted and filtered based on various characteristics of the matches. The default results table view will display ten matches per page and is sorted in reverse chronological order based on the

Need help?

Have you any question which is not answered in this knowledge base? Contact us. We are here to help you.

You've successfully subscribed to UnpacMe Support
Great! Next, complete checkout for full access to UnpacMe Support
Welcome back! You've successfully signed in.
Unable to sign you in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.