Top Suspicious Files Parent topic

This widget displays top suspicious files analyzed by Virtual Analyzer, along with the following information:
  • The file count as detected by Deep Discovery Inspector
  • The hosts affected by the suspicious file
Viewing suspicious files affecting hosts in the past 1 hour, 24 hours, 7 days or 30 days in a graphical format allows users (typically system or network administrators) to take appropriate action by adding email block lists, changing HTTP or FTP servers, modifying system files, or writing registry keys) to remove malicious operations from affecting hosts.
Data gathered about the affected hosts includes:

Top Suspicious Files Data

Column Name
Description
File Name/SHA-1
The suspicious file name or SHA-1
Detections
Any event detected by Deep Discovery Inspector within a certain time frame
Affected Hosts
Any host that was affected by a suspicious file
Malware Name
The name of the known malware
Severity
The level of threat by suspicious files
Click Edit to change whether data displays in a chart, graph or table. You can also control the total number of top suspicious files displayed (up to 20).
Click the download icon (dashboard-widgets-to.jpg) beside a file name to download the suspicious file in a password-protected .zip archive.
Click a row to open the Filtered Detections screen for that malicious file with the selected time period.