Unit 42 tags—Identify threats and campaigns that
pose a direct security risk.
Indicator tags—Highlight samples with Threat
Indicators that match threat indicators that you forwarded
to AutoFocus using MineMeld.
The tag specifies the number of matching indicators in the sample.
Not all sample artifacts are indicators; to determine whether an
artifact is an indicator, AutoFocus uses a statistical algorithm
based on the tendency of the artifact to be seen predominantly with
the indicator tag (
) to view the
Click a sample hash and scan the WildFire analysis details
of the sample for signs of maliciousness.
For every WildFire static and dynamic analysis
artifact listed, compare the number of times the artifact has been
detected with benign (
), grayware (
), and malware (
View artifacts that match your search conditions (even
if they’re not high-risk), highlighted in the search results.
View a summary of
AutoFocus detected in the sample.
The Indicators tab only lists artifacts that AutoFocus
considers indicators based on the tendency of the artifact to be
seen predominantly in malware samples. Any indicators that match
indicators forwarded to AutoFocus from MineMeld are marked with
an indicator tag. Click the tag to view the full list of matches.