Information provided in the Related Analyzed File Information section of the Detection Details window may include the following:
- Child objects
  - File name
  - File size (bytes)
  - Type
  - File SHA-1
  - File SHA-256
- File name
- File size
- File type
- File MD5
- File SHA-1
- File SHA-256
- MITRE ATT&CK™ Framework
  - Tactics
  - Techniques

  Tip: Click the tactic or technique to view more details on the MITRE website.

  Important: MITRE information displayed on Deep Discovery Director (Internal Network Analytics Version) is based on ATT&CK™ v6. The information may be different when displayed on products that use a different version of ATT&CK™.

  © ATT&CK™ is a trademark of the MITRE Corporation.
- Threat
- Virtual Analyzer risk level
YARA Detections
- YARA Rule File
- YARA Rules
Notable characteristics that are commonly associated with malware. Characteristics are grouped into the following categories:
- Anti-security, self-preservation
- Autostart or other system reconfiguration
- Deception, social engineering
- File drop, download, sharing, or replication
- Hijack, redirection, or data theft
- Malformation or other known malware traits
- Process, service, or memory object change
- Rootkit, cloaking
- Suspicious network or messaging activity
- Other notable characteristic