Intezer Analyze provides more ways to query Intezer’s vast database of trusted and malicious code, getting insights to enrich your investigations without even needing to analyze a file or endpoint. Searching a String or a Malware Family can help you to leverage your threat intel capabilities who and to better understand the changes between different variants of a threat
Search for a Malware Family
You can search by malware family or threat actor to get more intel about them. For example, search for “WannaCry” or “Lazarus” and you will be taken to their family page in Intezer Analyze.
The family view provides general information about the malware family (synonyms, references from MISP) and the latest public samples spotted in the wild through code reuse.From this list of related samples, you can click on the file hash to view its analysis report or copy its hash for further investigation.Note: Community users are limited to seeing 5 related samples per malware family.
Search for an Exact String
Note: This feature is only available to enterprise users.You can search by exact string and get all samples including this string.
For example: “https://www.google.com/search?q=how+to+buy+bitcoin”
In the string view, you can see all of the samples which contain this exact string, and the malware families that have used this string in their past samples. This can widen your investigation and be used to gather additional intel about a potential incident or targeted attack against your organization.