This widget displays top suspicious files analyzed by Virtual Analyzer, along with
the
following information:
-
The file count as detected by Deep Discovery Inspector
-
The hosts affected by the suspicious file
Viewing suspicious files affecting hosts in the past 1 hour, 24 hours, 7 days or 30
days in a
graphical format allows users (typically system or network administrators) to take
appropriate
action by adding email block lists, changing HTTP or FTP servers, modifying system
files, or
writing registry keys) to remove malicious operations from affecting hosts.
Data gathered about the affected hosts includes:
Top Suspicious Files Data
|
Column Name
|
Description
|
|
File Name/SHA-1
|
The suspicious file name or SHA-1
|
|
Detections
|
Any event detected by Deep Discovery Inspector
within a certain time frame
|
|
Affected Hosts
|
Any host that was affected by a suspicious file
|
|
Malware Name
|
The name of the known malware
|
|
Severity
|
The level of threat by suspicious files
|
Click Edit to change whether data displays in a chart, graph or table.
You can also control the total number of top suspicious files displayed (up to 20).
Click the download icon (
)
beside a file name to download the suspicious file in a password-protected .zip archive.
)
beside a file name to download the suspicious file in a password-protected .zip archive.Click a row to open the Filtered
Detections screen for that malicious file with the selected time period.