Viewing Child File Detection Information

You can view the detailed detection information of child files in a submitted sample.

  1. Go to Virtual Analyzer > Submissions.
  2. Click the ICAP-Prescan tab.
  3. Click the number in the Child Files column.

    The Child File Detections screen appears.

    The following table describes the information on the screen.

    Table 1.

    Field

    Description

    File Name

    Name of the child file

    File Type

    Filw type of the child file

    Threat

    Name of threat as detected by Trend Micro pattern files and other components

    SHA-1

    SHA-1 value of the child file

    SHA-256

    SHA-256 value of the child file

    YARA Rule Name

    Name of the YARA rule that was matched

    YARA Rule File

    Name of the YARA rule file that contains the matched YARA rule