Detailed Suspicious File Information

Provides specific information about suspicious files detected on your network

Table 1. Detailed Suspicious File Information Data View




The date and time Apex Central received the data from the managed product


The date and time the managed product detected the threat


The name of the endpoint


The name of the managed product or service

Example: Apex One, ScanMail for Microsoft Exchange

Product Entity

The display name of the managed product server in Apex Central

Endpoint IP Address

The IP address of the endpoint

Endpoint Host Name

The host name of the endpoint

File Type

The type of file object

File SHA-1

The SHA-1 hash value of the file object

File Path

The path of the file object or the path of the program that executed the process

C&C List Source

The C&C list source that identified the C&C server

  • C&C IP List

  • Global Intelligence List

  • User-defined IP List

  • Virtual Analyzer List


The action taken by the managed product

Scan Type

The type of scan that reported the event (for example, Real-time Scan, Scheduled Scan, Manual Scan)


The date and time the file object was created


The date and time the file object was last modified