Beside hunting for files in real time as they arrive to VirusTotal, you can also apply your YARA rules to files sent in the past with the Retrohunt feature. A Retrohunt job takes around ~3 hours to complete and scans over 400TB of files sent to VirusTotal in the last ~12 months (it could be limited to 3 months depending on your subscription tier). With the endpoints described in this section you can launch new Retrohunt jobs, track their progress and retrieve information about the matching files.