All Detections - Detection Details - Connection Details Parent topic

The Connection Details section of the All Detection - Detection Details screen contains the following information:
Click View in Threat Connect to connect with Threat Connect, where you can search for current information about the threat.
Click Download and then select Connection Details to download a CSV file of the connection details.
Click Download and then select Detected File to download a password protected ZIP archive containing the detected file.
If a packet capture has been enabled and the detection matched a packet capture rule, click Download and then select PCAP File to download a password protected ZIP archive containing the pcap file. In the pcap file, the comment "Detected Packet" in the "pkt_comment" field marks the packet that triggered the detection.
packet_capture_comme.jpg

Detected Packet Example

For details about packet capture, see Packet Capture.
Click Download and then select All to download a password protected ZIP archive containing the detected file, the packet capture file, and the connection details.
Important
Important
Suspicious files and pcap files must always be handled with caution. Extract the detected file and pcap file at your own risk. Trend Micro recommends analyzing the files in an isolated environment.
The password for the zip archive is "virus".