Need inspiration? Try these example searches...
content:"just an example" Search for files containing the string just an example in their raw bodies.
content:{CAFEBABE} Search for files containing the binary sequence CAFEBABE (encoded as hex) in their raw bodies.
behavior:"gate.php" Search for files whose execution behavior report contains the string "gate.php", e.g. because the sample reached out to a C2C URL using that path name.
type:doc metadata:"JGFUNILWC-PC" Search for all those documents where the author metadata field is JGFUNILWC-PC.
type:peexe signature:"Freemium GmbH" Return all those portable executables where the authenticode signature details contain the string "Freemium GmbH".
type:docx p:10+ tag:attachment Search for all those Open XML word documents with more than 10 antivirus detections that have been seen as an attachment in some email uploaded to VirusTotal.
itw:docs.google.com p:20+ Search for all those files with 20+ antivirus detections that have been seen to be downloaded from some URL that contains the string docs.google.com.
Keep learning: there are over 50 search modifiers that you can use. Combine them to pinpoint your adversary.
Analyze suspicious files and URLs to detect types of malware, and automatically share them with the security community.