The UnpacMe search interface provides a powerful tool to explore our malware database. In addition to file hashes (sha256, sha1, md5), predefined search terms can be used to search for samples based on a wide array of features. Available search terms are categorized in the Search Help menu below the
Search terms can be used to search for samples based on a wide array of features. A list of available search terms can be found in the Search Help menu below the search bar. Common terms are listed at the top for easy access. Term Prefix When using a
The search lookback window defines the amount of historical data that will be included in a search. The default lookback window is 12 weeks, providing a view of the past 12 weeks of data. Plans that provide access to an Unlimited lookback window allow searching of our full malware corpus.
Search queries have the following limitations.
* A maximum of 10 terms are supported per search.
* Search results are capped at 1000 matches in reverse chronological order. Additional matches will be discarded.
* Newly submitted samples may take up to 60 minutes before they are searchable.
A count of matches from the search is displayed at the top of the search results. The matches view can be expanded to view details about each term in the search. In addition to the match count per term, the effective lookback window is also provided. The effective lookback window
Search insights provide a quick overview of the results returned by the search. Insights can be used to identify trends in the results as well as filter the results table. 1. Tags The tags distribution graph displays a list of tags assigned to the search matches and their frequency in
Search results can be refined by applying filters. Filters are available for tags and YARA labels associated with the results. To apply a filter, simply click the tag or YARA label and select the desired filter action. When multiple filters are selected an implicit AND is used to combine them
Search matches are displayed in the results table. The results table includes information about each match and can be sorted and filtered based on various characteristics of the matches. The default results table view will display ten matches per page and is sorted in reverse chronological order based on the