
File Scanning Details

Use this page to view analysis information and a malware behavior summary for the downloaded file. The following information is displayed for suspicious files.

File Summary

Table 11: File Summary Fields

| Field | Definition |
| --- | --- |
| Platform | The operating system of the host that downloaded the file. Example: Win32. |
| Threat Type | If possible, Sky ATP determines the type of threat. Example: Trojan, Application, Adware. |
| Malware Strain | If possible, Sky ATP determines the strain of malware detected. Example: Outbrowse.1198, Visicom.E, Flystudio. |
| Last Scanned | The time and date of the last scan to detect the suspicious file. |
| File Name | The name of the suspicious file. Examples: unzipper-setup.exe, 20160223158005.exe, wordmui.msi. |
| File Size | The size of the downloaded file in bytes. |
| AV Results | If the AV scanner determines the file is a virus, this field indicates "positive." If not, the field indicates "negative." |
| sha256 and md5 | One way to determine whether a file is malware is to calculate a checksum for the file and then query to see if the file has previously been identified as malware. |

Hosts That Have Downloaded the File

This is a list of hosts that have downloaded the suspicious file. Click the IP address to be taken to the Host Details page for this host. Click the Device Serial number to be taken to the Devices page. From there you can view device versions and version numbers for the Sky ATP configuration, including profile, whitelist, and blacklist versions. You can also view the malware detection connection type for the device: telemetry, submission, or C&C event.

Malware Behavior Summary

The information displayed here varies according to the malware type. Here is an example of a behavior summary for a level 10 threat.

Figure 3: Screen Capture: Malicious Behavior Summary
