Report for analyzed files

After file execution, available analysis results are displayed on the report page.

In the mobile version of Kaspersky Threat Intelligence Portal, only the basic report for the file is displayed. You can use a desktop version to view the full report.

Depending on the executed file's zone, the MD5 hash and status of the executed file (Malware, Adware and other, Clean, or No threats detected) are displayed on the Report for hash panel in one of the following colors:

• Red—The executed file can be classified as Malware.
• Green—The executed file has a Clean or No threats detected status. The No threats detected status is applied if the file was not classified by Kaspersky, but it was previously scanned and/or analyzed, and no threats were detected at the time of the analysis.
• Yellow—The executed file is classified as Adware and other (Adware, Pornware, and other programs).

The panel displays the color as soon as file execution completes. Also, the Submit to reanalyze button appears. You can submit the file to Kaspersky experts for analysis result re-validation.

The report page contains the following:

• Overview—Displays general information about the analyzed file.
• Detection names—Displays information about detects related to the analyzed file and that were previously reported in Kaspersky statistics.
• Dynamic analysis summary—Displays the last file scan date and graphics of detects, suspicious activities, extracted files, and network interactions detected during file execution.
• Results tab—Displays information about dynamic analysis detects and network rules triggered during analysis of traffic from the executed file. For registered users, execution map, information about suspicious activities, and screenshots are also available.
• Static analysis tab—Displays Portable Executable (PE) information and information about strings extracted during file execution.
• Sections that are available for registered users:
  • System activities tab—Displays information about activities that were registered during the file execution.
  • Extracted files tab—Displays information about files that were extracted from network traffic or saved by the executed file during the execution.
  • Network activities tab—Displays information about network activities that were registered during the file execution.
• Premium content—Displays sections that contain blurred data about the executed file. The actual data is available for users with Premium Access to Kaspersky Threat Intelligence Portal. You can request a demo version to view a full report and explore other Kaspersky Threat Intelligence Portal features.

Page top