The Top Callback URLs from Virtual Analyzer widget shows the most common callback URLs contained in suspicious and high-risk email messages. A callback URL is the web address of a C&C server.
When Virtual Analyzer receives an object (file or URL) from the Deep Discovery Email Inspector email scanners, Virtual Analyzer observes whether the object connects to an external network address. A high-risk object attempts to perform a callback to a known C&C server host. Virtual Analyzer reports all connections (URLs, IP addresses, and host names) made by submitted samples, including possible malware callback and other suspicious connections.
The table shows detections based on the selected time period. Click a number under Detections or High Risk Messages to learn more about the detections. Detections includes all detected email messages, including high-risk messages.
Click View all callback URLs to see all suspicious URL objects found during analysis.
For general widget tasks, see Widget Tasks.