File Name | SHA1 | SHA256 | MIME Type | Score |
---|---|---|---|---|
{{artifact.attachment.name | fang}} | {{content.analysis_subject.sha1}} | {{content.analysis_subject.sha256}} | {{content.analysis_subject.mime_type}} | {{content.score}} |
Positives | VT Link | Sophos | Sophos ML | Total |
---|---|---|---|---|
{{content.detection.positives || "0"}} | {{content.analysis_subject.sha256}} | {{content.detection.sophos || "0"}} | {{content.detection.sophos_ml || "0"}} | {{content.detection.total || "0"}} |
Reputation Classification | Reputation Score | Prevalence | First Seen | Last Seen |
---|---|---|---|---|
{{content.reputation.score_string}} | {{content.reputation.score}} | {{content.reputation.prevalence}} | {{content.reputation.first_seen}} | {{content.reputation.last_seen}} |
Legal Copyright | Internal Name | File Version | Special Build | Company Name | Legal Trademarks | Comments | Product Name | File Description | Product Version | Private Build | Original Filename |
---|---|---|---|---|---|---|---|---|---|---|---|
{{content.pe_analysis.versioninfo.legalcopyright}} | {{content.pe_analysis.versioninfo.internalname}} | {{content.pe_analysis.versioninfo.fileversion}} | {{content.pe_analysis.versioninfo.specialbuild}} | {{content.pe_analysis.versioninfo.companyname}} | {{content.pe_analysis.versioninfo.legaltrademarks}} | {{content.pe_analysis.versioninfo.comments}} | {{content.pe_analysis.versioninfo.productname}} | {{content.pe_analysis.versioninfo.filedescription}} | {{content.pe_analysis.versioninfo.productversion}} | {{content.pe_analysis.versioninfo.privatebuild}} | {{content.pe_analysis.versioninfo.originalfilename}} |
Signing Date | Signer | Verified | Certificate Source | Timestamp | Time Signer |
---|---|---|---|---|---|
{{content.pe_analysis.digisig.signing_date}} | {{content.pe_analysis.digisig.signer | json}} | {{content.pe_analysis.digisig.verified}} | {{content.pe_analysis.digisig.certificate_source}} | {{content.pe_analysis.digisig.timescert.timestamp}} | {{content.pe_analysis.digisig.timescert.timesigner | json}} |
SHA256 | Is Malware | Score | Match Percentage | File Path |
---|---|---|---|---|
{{key}} | {{neighbor.is_malware}} | {{neighbor.score}} | {{neighbor.match_percentage}} | {{neighbor.filepath}} |
Category | Benign | Malware |
---|---|---|
Feature Intersections | {{content.ml_file.analyzed_counts.feature_intersections.benign}} | {{content.ml_file.analyzed_counts.feature_intersections.malware}} |
Feature Maliciousness | {{content.ml_file.analyzed_counts.feature_maliciousness.benign}} | {{content.ml_file.analyzed_counts.feature_maliciousness.malware}} |
Genetic Analysis | {{content.ml_file.analyzed_counts.genetic_analysis.benign}} | {{content.ml_file.analyzed_counts.genetic_analysis.malware}} |
Black Box | {{content.ml_file.analyzed_counts.black_box.benign}} | {{content.ml_file.analyzed_counts.black_box.malware}} |
Category | Indicator | Description | Probability | Malware | Benign |
---|---|---|---|---|---|
{{is.category}} | {{is.indicator}} | {{is.description}} | {{is.probability}} | {{is.malware}} | {{is.benign}} |
Category | Indicator | Description | Probability | Malware | Benign |
---|---|---|---|---|---|
{{fm.category}} | {{fm.indicator}} | {{fm.description}} | {{fm.probability}} | {{fm.malware}} | {{fm.benign}} |
Model Version | Model Name |
---|---|
{{content.ml_file.analyses.black_box.model_version}} | {{content.ml_file.analyses.black_box.model_name}} |
Type | Raw | Score |
---|---|---|
Benign | {{content.ml_file.analyses.black_box.benign.raw}} | {{content.ml_file.analyses.black_box.benign.score}} |
PUA | {{content.ml_file.analyses.black_box.pua.raw}} | {{content.ml_file.analyses.black_box.pua.score}} |
Feature Intersections | Feature Maliciousness | Genetic Analysis | Black Box | Overall Score | ML Aggregate Results |
---|---|---|---|---|---|
{{content.ml_file.overall_scores.feature_intersections}} | {{content.ml_file.overall_scores.feature_maliciousness}} | {{content.ml_file.overall_scores.genetic_analysis}} | {{content.ml_file.overall_scores.black_box}} | {{content.ml_file.overall_score}} | {{content.ml_aggregate_results.overall_score}} |
Subsystem | Number of Sections | File Size | Imagebase | PDB String |
---|---|---|---|---|
{{content.pe_analysis.subsystem}} | {{content.pe_analysis.numberofsections}} | {{content.pe_analysis.filesize}} | {{content.pe_analysis.imagebase}} | {{content.pe_analysis.pdbstring}} |
Number | Name | Size of Raw Data | Entropy | Virtual Size | Virtual Address | Physical Address | Characteristics |
---|---|---|---|---|---|---|---|
{{section.number}} | {{section.name}} | {{section.sizeofrawdata}} | {{section.entropy}} | {{section.virtualsize}} | {{section.virtualaddress}} | {{section.physicaladdress}} | {{section.characteristics | json}} |
Machine ID | Timestamp | Languages | PE Flags |
---|---|---|---|
{{content.pe_analysis.machineid}} | {{content.pe_analysis.timedate}} | {{content.pe_analysis.languages | json}} | {{content.pe_analysis.peflags}} |
DLL Name | APIs |
---|---|
{{content.pe_analysis.export.dllname}} | {{content.pe_analysis.export.apis}} |
DLL Name | Import By Ordinal | APIs |
---|---|---|
{{dll.dllname}} | {{dll.importbyordinal}} | {{dll.apis | json}} |
Codepage | Type | Language | Size |
---|---|---|---|
{{resource.codepage}} | {{resource.type}} | {{resource.language}} | {{resource.size}} |