Similarity Search - Support for Non-Executables

Similarity Search now supports all file types, with improved speed and accuracy and additional features for PE, resulting in an overall enhanced analysis experience.

All file types

Similarity search is applicable in numerous fields (close to 120 for all file types), but for security reasons we prefer not to disclose all of them. However, here are a few examples:

These features are carefully selected based on their ability to provide accurate and relevant results, and they are continuously updated to stay current with the latest malware trends and techniques.

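| Feature group | Number of features |
| --- | --- |
| Apk | 22 |
| Biffopcodes | 1 |
| Emulation | 14 |
| Extracted | 10 |
| Extended data | 24 |
| Metadata | 15 |
| Segments | 6 |
| Sections | 6 |
| Strings | 5 |
| Threat indicators | 2 |
| Yara | 3 |
| Triggered consumer Ids | 1 |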

Some of the features are:

Apk
Biffopcodes
Emulation
Extracted
ExtendedData
MetaData
Segments
Sections
Strings
Threat Indicators
Yara

| Field name | Type | Description |
| --- | --- | --- |
| Metadata version code | String | Version code of the APK |
| ... (Other features) ... | | |
| APK signers path | String | Path to APK signers |
| API events class name | String | Class name of API events |
| API events function name | String | Function name of API events |

Similarity Search Filters

In addition to advanced technology, Similarity Search provides multiple search filter parameters. These offer greater flexibility and ensure that users receive the most accurate and relevant results for their specific needs.

Query filters
Non Query filters

| Field name | Type | Possible values | Example | Description | Required |
| --- | --- | --- | --- | --- | --- |
| SHA-256 | String | | Number | | Yes |
| Submission data | Date | 2023-01-17T12:17:20.000Z | Number | | Optional |
| Final Verdict | String | MALICIOUS, LIKELY-MALICIOUS, NO-THREAT, SUSPICIOUS, BENIGN, UNKNOWN | MALICIOUS | Verdict of a file | Optional |
| Tags | String | | peexe,xml | Tags of a file | Optional |
| Threshold | Number | 1 to 100 any integer | Number | Similarity threshold 0% to 100%. Higher score means higher similarity | Optional |
| Limit | Number | 1 to 100 any integer | Number | Number of returns | Optional |