Information available to users with Premium Access

Kaspersky Threat Intelligence Portal provides the following detailed information about the requested hash, if available, to users with Premium Access.

Signatures and certificates tab

Information about file signatures and certificates

Table name	Description	Table fields
File signatures and certificates	Information about signatures and certificates of the file identified by the requested hash.	Status—Status of the file certificate. Vendor—Owner of the certificate. Publisher—Publisher of the certificate. Signed—Date and time when the certificate was signed. Issued—Date and time when the certificate was issued. Expires—Expiration date of the certificate. Serial number—Serial number of the certificate.
Container signatures and certificates	Information about signatures and certificates of the container.	Status—Status of the container's certificate. Container MD5—MD5 hash of the container's file. Signed—Date and time when the container's certificate was signed. Issued—Date and time when the container's certificate was issued. Expires—Expiration date of the container's certificate.

Table name

Description

Table fields

File signatures and certificates

Information about signatures and certificates of the file identified by the requested hash.

Status—Status of the file certificate.

Vendor—Owner of the certificate.

Publisher—Publisher of the certificate.

Signed—Date and time when the certificate was signed.

Issued—Date and time when the certificate was issued.

Expires—Expiration date of the certificate.

Serial number—Serial number of the certificate.

Container signatures and certificates

Information about signatures and certificates of the container.

Status—Status of the container's certificate.

Container MD5—MD5 hash of the container's file.

Signed—Date and time when the container's certificate was signed.

Issued—Date and time when the container's certificate was issued.

Expires—Expiration date of the container's certificate.

Paths tab

Information about file paths

Table name	Description	Table fields
File paths	Known paths to the file on computers using Kaspersky software.	Hits—Number of path detections by Kaspersky expert systems. Path—Path to the file on user computers identified by the requested hash. Location—Root folder or drive where the file identified by the requested hash is located on user computers.

Table name

Description

Table fields

File paths

Known paths to the file on computers using Kaspersky software.

Hits—Number of path detections by Kaspersky expert systems.

Path—Path to the file on user computers identified by the requested hash.

Location—Root folder or drive where the file identified by the requested hash is located on user computers.

Names tab

Information about file names

Table name	Description	Table fields
File names	Known names of the file on computers using Kaspersky software.	Hits—Number of file name detections by Kaspersky expert systems. File name—Name of the file identified by the requested hash.

Table name

Description

Table fields

File names

Known names of the file on computers using Kaspersky software.

Hits—Number of file name detections by Kaspersky expert systems.

File name—Name of the file identified by the requested hash.

Downloads tab

Information about web addresses from which the file was downloaded

Table name	Description	Table fields
File downloaded from web addresses and domains	Web addresses and domains from which the file was downloaded.	Status—Status of web addresses or domains used to download the file identified by the requested hash. Web address—Web addresses used to download the file identified by the requested hash. Last downloaded—Date and time when the file identified by the requested hash was last downloaded from the web address / domain. Domain—Upper domain of the web address used to download the file identified by the requested hash. IP count—Number of IP addresses that the domain resolves to.

Table name

Description

Table fields

File downloaded from web addresses and domains

Web addresses and domains from which the file was downloaded.

Status—Status of web addresses or domains used to download the file identified by the requested hash.

Web address—Web addresses used to download the file identified by the requested hash.

Last downloaded—Date and time when the file identified by the requested hash was last downloaded from the web address / domain.

Domain—Upper domain of the web address used to download the file identified by the requested hash.

IP count—Number of IP addresses that the domain resolves to.

Web addresses tab

Information about web addresses

Table name	Description	Table fields
File accessed the following web addresses	Web addresses accessed by the file identified by the requested hash.	Status—Status of accessed web addresses. Web address—Web addresses accessed by the file identified by the requested hash. Last accessed—Date and time when the file identified by the requested hash last accessed the web address. Domain—Upper domain of the web address accessed by the file identified by the requested hash. IP count—Number of IP addresses that the domain resolves to.

Table name

Description

Table fields

File accessed the following web addresses

Web addresses accessed by the file identified by the requested hash.

Status—Status of accessed web addresses.

Web address—Web addresses accessed by the file identified by the requested hash.

Last accessed—Date and time when the file identified by the requested hash last accessed the web address.

Domain—Upper domain of the web address accessed by the file identified by the requested hash.

IP count—Number of IP addresses that the domain resolves to.

Started objects tab

Information about started objects

Table name	Description	Table fields
File started the following objects	Objects started by the file identified by the requested hash.	Status—Status of started objects. Hits—Number of times the file identified by the requested hash started the object, as detected by Kaspersky expert systems. File MD5—MD5 hash of the started object. Location—Root folder or drive where the started object is located on user computers. Path—Path to the object on user computers. File name—Name of the started object. Last started—Date and time when the object was last started by the file identified by the requested hash. Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).
File was started by the following objects	Objects that started the file identified by the requested hash.	Status—Status of objects that started the file identified by the requested hash. Hits—Number of times the file identified by the requested hash was started, as detected by Kaspersky expert systems. File MD5—MD5 hash of the object that started the file identified by the requested hash. Location—Root folder or drive where the object is located on user computers. Path—Path to the object on user computers. File name—Name of the object that started the file identified by the requested hash. Last started—Date and time when the file identified by the requested hash was last started. Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

Table name

Description

Table fields

File started the following objects

Objects started by the file identified by the requested hash.

Status—Status of started objects.

Hits—Number of times the file identified by the requested hash started the object, as detected by Kaspersky expert systems.

File MD5—MD5 hash of the started object.

Location—Root folder or drive where the started object is located on user computers.

Path—Path to the object on user computers.

File name—Name of the started object.

Last started—Date and time when the object was last started by the file identified by the requested hash.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

File was started by the following objects

Objects that started the file identified by the requested hash.

Status—Status of objects that started the file identified by the requested hash.

Hits—Number of times the file identified by the requested hash was started, as detected by Kaspersky expert systems.

File MD5—MD5 hash of the object that started the file identified by the requested hash.

Location—Root folder or drive where the object is located on user computers.

Path—Path to the object on user computers.

File name—Name of the object that started the file identified by the requested hash.

Last started—Date and time when the file identified by the requested hash was last started.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

Downloaded objects tab

Information about downloaded objects

Table name	Description	Table fields
File downloaded the following objects	Objects downloaded by the file identified by the requested hash.	Status—Status of downloaded objects. Hits—Number of times the object was downloaded, as detected by Kaspersky expert systems. File MD5—MD5 hash of the downloaded object. Location—Root folder or drive where the downloaded object is located on user computers. Path—Path to the downloaded object on user computers. File name—Name of the downloaded object. Last downloaded—Date and time when the object was last downloaded by the file identified by the requested hash. Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).
File was downloaded by the following objects	Objects that downloaded the file identified by the requested hash.	Status—Status of objects that downloaded the file identified by the requested hash. Hits—Number of times the file identified by the requested hash was downloaded, as detected by Kaspersky expert systems. File MD5—MD5 hash of the object that downloaded the file identified by the requested hash. Location—Root folder or drive where the object is located on user computers. File name—Name of the object that downloaded the file identified by the requested hash. Path—Path to the object on user computers. Last downloaded—Date and time when the file identified by the requested hash was last downloaded. Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

Table name

Description

Table fields

File downloaded the following objects

Objects downloaded by the file identified by the requested hash.

Status—Status of downloaded objects.

Hits—Number of times the object was downloaded, as detected by Kaspersky expert systems.

File MD5—MD5 hash of the downloaded object.

Location—Root folder or drive where the downloaded object is located on user computers.

Path—Path to the downloaded object on user computers.

File name—Name of the downloaded object.

Last downloaded—Date and time when the object was last downloaded by the file identified by the requested hash.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

File was downloaded by the following objects

Objects that downloaded the file identified by the requested hash.

Status—Status of objects that downloaded the file identified by the requested hash.

Hits—Number of times the file identified by the requested hash was downloaded, as detected by Kaspersky expert systems.

File MD5—MD5 hash of the object that downloaded the file identified by the requested hash.

Location—Root folder or drive where the object is located on user computers.

File name—Name of the object that downloaded the file identified by the requested hash.

Path—Path to the object on user computers.

Last downloaded—Date and time when the file identified by the requested hash was last downloaded.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

Page top