Search Based on Observed Behavior

You can now find samples based on behaviors seen when the sample was executed in the WildFire™ analysis environment. For example, you can search for samples that created and modified files, started processes, spawned new processes, modified the registry, or installed browser helper objects (BHOs).
  1. Start or continue an AutoFocus search.
  2. Select the artifact type Observed Behavior.
  3. Browse the complete list of possible behaviors. Select at least one behavior to find samples that exhibited that behavior when executed in the WildFire sandbox.
  4. Next steps:
