Affected Hosts - Detection Details - File Analysis Result

The File Analysis Result section of the Affected Hosts - Detection Details screen contains the following information:

Click View Virtual Analyzer Report to view the Virtual Analyzer report.

Click Download and then select Virtual Analyzer Report to download the Virtual Analyzer report.

Tip:

Viewing or downloading the Virtual Analyzer report may take longer than the other options. Allocate more time for the Virtual Analyzer report to appear or download.

Click Download and then select Investigation Package to download a password-protected ZIP archive containing the investigation package.

Important:

Suspicious files must always be handled with caution. Extract the detected file at your own risk.

The password for the ZIP archive is "virus".

Click Download and then select Detected File to download a password-protected ZIP archive containing the detected file.

Click Download and then select All to download a password-protected ZIP archive containing the detected file, the Virtual Analyzer report, and the investigation package.

Affected Hosts - Detection Details - File Analysis Result - File Information

Information provided in the File Analysis Result - File Information section of the Detection Details window may include the following:

  • Child files

    • File name

    • File size (bytes)

    • File type

    • File SHA-1

  • File name

  • File size

  • File type

  • File MD5

  • File SHA-1

  • File SHA-256

  • Threat

  • Virtual Analyzer risk level

Affected Hosts - Detection Details - File Analysis Result - Notable Characteristics

Information provided in the File Analysis Result - Notable Characteristics section of the Detection Details window may include characteristics that are commonly associated with malware. Characteristics are grouped into the following categories:

  • Anti-security, self-preservation

  • Autostart or other system reconfiguration

  • Deception, social engineering

  • File drop, download, sharing, or replication

  • Hijack, redirection, or data theft

  • Malformation or other known malware traits

  • Process, service, or memory object change

  • Rootkit, cloaking

  • Suspicious network or messaging activity

  • Other notable characteristic