For details on how to perform searches, get some help.

ElasticSearch queries do not use a prefix. ie: '*windows.*' would match 'time.windows.com'

For MD5, SHA1, SHA256 and SHA512 no prefix is needed.

Prefix Description
name: File name pattern
type: File type/format
string: String contained in the binary
ssdeep: Fuzzy hash
crc32: CRC32 hash
imphash: Search for PE Imphash
iconhash: Search for exact hash of the icon associated with the PE
iconfuzzy: Search for hash designed to match on similar-looking icons
file: Open files matching the pattern
command: Executed commands matching the pattern
resolvedapi: APIs resolved at runtime matching the pattern
key: Open registry keys matching the pattern
mutex: Open mutexes matching the pattern
ip: Contact the specified IP address
domain: Contact the specified domain
url: Search for Cuckoo Sandbox URL analysis
signame: Search for Cuckoo Sandbox signatures through signature names
signature: Search for Cuckoo Sandbox signatures through signature descriptions
malfamily: Search for samples associated with malware family
surimsg: Search for Suricata Alerts MSG
surialert: Search for Suricata Alerts
surisid: Search for Suricata Alerts SID
suriurl: Search for URL in Suricata HTTP Logs
suriua: Search for User-Agent in Suricata HTTP Logs
surireferrer: Search for Referrer in Suricata HTTP Logs
surihhost: Search for Host in Suricata HTTP Logs
suritlssubject: Search for TLS Subject in Suricata TLS Logs
suritlsissuerdn: Search for TLS Issuer DN in Suricata TLS Logs
suritlsfingerprint: Search for TLS Fingerprint in Suricata TLS Logs
suritls: Search for Suricata TLS
surihttp: Search for Suricata HTTP
clamav: Local ClamAV detections
yaraname: Yara Rule Name for analysis samples
procmemyara: Yara Rule Name for process memory dumps
virustotal: Virus Total Detected Name
machinename: Name of the Target Machine
machinelabel: Label of the Target Machine
custom: Custom data
shrikemsg: Shrike Suri Alert MSG
shrikesid: Shrike Suri Alert Sid (exact int)
shrikeurl: Shrike url before mangling
shrikerefer: Shrike Referrer
comment: Search for Analysis Comments
malscore: Search for Malscore greater than the value