Skip to main content

Additional Search Capabilities

  • Updated

Intezer Analyze provides more ways to query Intezer’s vast database of trusted and malicious code, getting insights to enrich your investigations without even needing to analyze a file or endpoint. Searching a String or a Malware Family can help you to leverage your threat intel capabilities who and to better understand the changes between different variants of a threat

mceclip0.png

 

Table of Contents

1. Search for a Malware Family
2. Search for an Exact String
 
 

Search for a Malware Family

You can search by malware family or threat actor to get more intel about them. For example, search for “WannaCry” or “Lazarus” and you will be taken to their family page in Intezer Analyze.
wannacry.jpgThe family view provides general information about the malware family (synonyms, references from MISP) and the latest public samples spotted in the wild through code reuse.From this list of related samples, you can click on the file hash to view its analysis report or copy its hash for further investigation.Note: Community users are limited to seeing 5 related samples per malware family.

 

Search for an Exact String

Note: This feature is only available to enterprise users.
 
You can search by exact string and get all samples including this string.
For example: https://www.google.com/search?q=how+to+buy+bitcoinstring_search.jpgIn the string view, you can see all of the samples which contain this exact string, and the malware families that have used this string in their past samples. This can widen your investigation and be used to gather additional intel about a potential incident or targeted attack against your organization.
Return to top