Deep Discovery Analyzer 6.9 Online Help

Collapse AllExpand All
  • account management [1]
  • Activation Code [1]
  • Active Directory Federation Services (AD FS) [1]
  • AD FS [1]
  • administration [1]
    • file passwords [1]
  • Advanced Threat Scan Engine [1] [2]
  • alerts [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16]
  • API key [1]
  • ATSE [1] [2]
  • average Virtual Analyzer queue time alert [1]
  • C&C list [1]
  • components [1]
  • configuration
    • management console [1]
  • contact management [1]
  • CPU usage alert [1]
  • critical alerts [1] [2]
  • customized alerts and reports [1]
  • dashboard [1] [2]
  • Deep Discovery Malware Pattern [1] [2]
  • detected message alert [1]
  • detection surge alert [1]
  • disk space alert [1]
  • documentation feedback [1]
  • email scanning
    • file passwords [1]
  • exceptions [1]
  • file passwords [1]
  • generated reports [1]
  • getting started
    • management console [1]
  • getting started tasks [1]
  • HTTPS certificate [1]
    • geenrate a certificate signing request [1]
    • import and replace certificate [1]
  • ICAP [1]
    • headers [1]
    • MIME content-types [1]
    • settings [1]
  • ICAP integration [1]
  • identity provider [1]
    • configure [1]
    • federation metadata file [1]
  • image import tool [1]
  • images [1] [2] [3]
  • important alerts [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]
  • import image [1]
  • informational alerts [1]
  • integration with other products [1]
  • IntelliTrap Exception Pattern [1] [2]
  • IntelliTrap Pattern [1] [2]
  • Internet Content Adaptation Protocol (ICAP) [1]
  • license [1]
  • license expiration alert [1]
  • log settings [1]
  • management console [1]
    • navigation [1]
    • session duration [1]
  • management console accounts [1]
  • message delivery alert [1]
  • Network Content Correlation Pattern [1]
  • Network Content Inspection Engine [1]
  • Network Content Inspection Pattern [1]
  • notification parameters [1]
  • OAuth 2.0 [1]
  • Okta [1]
  • on-demand reports [1]
  • preconfiguration console [1]
  • processing surge alert [1]
  • product integration [1]
  • reports [1] [2]
    • on demand [1]
  • report schedules [1]
  • SAML authentication [1]
    • Configuration overview [1]
    • Supported identity providers [1]
  • SAML integration
    • configuring identify provider settings [1]
  • sandbox analysis [1] [2]
  • sandbox error alert [1]
  • sandbox images [1] [2] [3]
  • sandbox instances [1]
  • sandbox management [1]
    • archive passwords [1]
    • images [1]
    • image status [1]
    • network connection [1] [2]
    • Virtual Analyzer status [1]
  • sandbox queue alert [1]
  • Script Analyzer Pattern [1]
  • Security Assertion Markup Language (SAML) [1]
  • service provider [1]
    • certificate [1]
    • metadata file [1]
  • service stopped alert [1]
  • Spyware/Grayware Pattern [1]
  • submissions [1]
  • support
    • resolve issues faster [1]
  • suspicious objects [1]
  • syslog server [1]
  • syslog settings
    • syslog server [1]
  • system maintenance [1]
    • back up tab [1]
      • configuration settings backup [1]
      • data backup [1]
    • cluster tab
    • nodes list [1]
    • restore tab [1]
  • system settings [1]
    • Network Tab [1]
    • Password Policy Tab [1]
    • power off / restart tab [1]
    • Proxy Tab [1]
    • Session Timeout Tab [1]
    • Time Tab [1]
  • tabs [1]
  • third-party licenses [1]
  • TLS [1]
  • tools [1]
  • unreachable relay MTA alert [1]
  • update completed surge [1]
  • update failed alert [1]
  • updates [1]
    • components [1]
    • firmware [1]
    • update settings [1]
  • Virtual Analyzer [1] [2]
    • file passwords [1]
    • image import tool [1]
    • import image [1] [2]
  • Virtual Analyzer Configuration Pattern [1]
  • Virtual Analyzer Sensors [1]
  • watchlist alert [1]
  • widgets [1] [2]
  • YARA rule file

Manually Submitting Objects in Windows Parent topic

Procedure

  1. If it is not already installed, install the Manual Submission Tool. For details, see Manual Submission Tool.
  2. Go to the Manual Submission Tool package folder, open the work folder, and then place all of the sample files or an URL list file into the indir folder.
  3. Run cmd.exe, and change the directory (cd) to the tool package folder.
  4. Depending on the type of object you want to upload, do one of the following:
    Tip
    Tip
    Execute dtascli.exe for help.
    • File: Execute dtascli.exe -u to upload all of the files in the work/indir folder to Virtual Analyzer.
      After executing dtascli.exe -u, cmd.exe shows the following, along with all of the files that were uploaded from the work/indir folder.
      submission_manual_cm.png
    • URL list: Execute dtascli.exe -u --url to upload the file url.txt in the work/indir folder to Virtual Analyzer.
      After executing dtascli.exe -u --url, cmd.exe shows the following, along with all of the files that were uploaded from the work/indir folder.
      submission_tool_url_.png
      Note
      Note
      The URL list must use the name URL.txt.
      Before submission, Deep Discovery Analyzer normalizes all occurrences of the following:
      • Punycode for URL domains
      • URL encoding for URL paths and query strings
  5. After uploading the files to Virtual Analyzer, confirm that they are being analyzed in the management console. Click Virtual AnalyzerSubmissions to locate the files.
    Shortly after submitting the files, before they have been analyzed, they appear in the Processing or Queued tab. When the samples have been analyzed, they appear in the Completed tab. If the samples encountered errors during analysis, they appear in the Unsuccessful tab.