Detailed Information Screen Parent topic

On the Completed tab, click anywhere on a row to view detailed information about the submitted sample. A new section below the row shows the details.
The following fields are displayed on this screen:
Field Name
Information
File/Email Message Sample
URL Sample
Submission details
  • Basic data fields (such as Logged and File name) extracted from the raw logs
  • Sample ID (SHA-1)
  • Child files, if available, contained in or generated from the submitted sample
  • The Raw Logs link shows all the data fields in the raw logs
  • The following is a preview of the fields:
    details_url.png
  • URL
    Note
    Note
    TippingPoint Advanced Threat Protection Analyzer may have normalized the URL.
Notable characteristics
  • The categories of notable characteristics that the sample exhibits, which can be any or all of the following:
    • Anti-security, self-preservation
    • Autostart or other system reconfiguration
    • Deception, social engineering
    • File drop, download, sharing, or replication
    • Hijack, redirection, or data theft
    • Malformed, defective, or with known malware traits
    • Process, service, or memory object change
    • Rootkit, cloaking
    • Suspicious network or messaging activity
    • Other notable characteristic
  • A number link that, when opened, shows the actual notable characteristics
Other submission logs
A table that shows the following information about other log submissions:
  • Logged
  • Protocol
  • Direction
  • Source IP
  • Source Host Name
  • Destination IP
  • Destination Host Name
Reports
The PDF icon (report_pdf.png) links to a downloadable PDF report and the HTML icon (report_html.png) links to an interactive HTML report.
Note
Note
An unclickable link means there were errors during simulation. Mouseover the link to view details about the error.
Investigation package
Download links to a password-protected investigation package that you can download to perform additional investigations.
For details, see Investigation Package.
Global intelligence
View in Threat Connect is a link that opens Trend Micro Threat Connect
The page contains detailed information about the sample.