Detailed Suspicious File Information

Provides specific information about suspicious files detected in the network.

Table 1. Detailed Suspicious File Information Data View




Displays the time that Control Manager receives data from the managed product.


Displays the time that the managed product detected the suspicious object


The endpoint where the suspicious object was found.


Displays the name of the managed product. Example: OfficeScan, ScanMail for Microsoft Exchange

Product Entity

Displays the entity display name for a managed product. Control Manager identifies managed products using the managed product's entity display name.

Endpoint IP Address

IP address of the endpoint

Endpoint Host Name

Host name of the endpoint

File Type

File type of suspicious object

File SHA-1

SHA-1 hash value of the suspicious object

File Path

File path and name of suspicious object

C&C List Source

The source of the list containing C&C addresses

  • Global Intelligence (Trend Micro Global Intelligence network, including Smart Protection Network)

  • Analyzers in managed products (Virtual Analyzer or Network Content Inspection Engine relevance rules)

  • User-defined C&C list configured in Control Manager and in the managed product, such as Deep Discovery Inspector


Action to address the suspicious object

Scan Type

Scan type that detected the suspicious object


Displays the time the suspicious object was created in the endpoint


Displays the time the suspicious object was modified in the endpoint