Submitting files

By submitting a file to Kaspersky Threat Intelligence Portal, you agree to our Terms of Use and the Privacy Statement.

Before executing a file in Kaspersky Threat Intelligence Portal, you have to upload it.

To submit a file to Kaspersky Threat Intelligence Portal:

  1. Open Kaspersky Threat Intelligence Portal at
  2. In the Analysis () section, on the File Analysis tab, select a file that you want to execute, by doing one of the following:
    • Click the Add file button, and then select the required file in the window that opens.
    • Drag and drop the required file to the drop zone.

    When the file is selected, its file name and size are displayed.

    The maximum size of a file that can be uploaded and analyzed is 256 MB. If the size of a file exceeds 256 MB, Kaspersky Threat Intelligence Portal displays a corresponding error message.

    The file must not be empty.

    The drop zone is also available if you select the Requests () item in the main menu.

  3. If you want to obtain a dynamic analysis report, select the Get a full dynamic analysis report check box. Selecting this check box is required, if you plan to obtain a full report for the file using API.
  4. If you want to analyze the file privately, select the Private submission check box.

    Kaspersky Threat Intelligence Portal allows you to submit objects for analysis privately. Private request results are not displayed on the Public requests tab in the Requests section. For registered users, their private request results are available on the My requests tab.

    However, if an object that you submitted privately was ever submitted publicly by you or another user, then the object analysis results will be added to the Public requests tab and will be available to all Kaspersky Threat Intelligence Portal users.

    Also, if you submit a file for the analysis privately, its hash is not included in the list of public requests, but the Sandbox analysis results will be available to all users who search for the hash of this file.

  5. If necessary, you can cancel the selected file upload by clicking the trash can icon ().
  6. Click the Analyze button.

File analysis may take up to three minutes. The results are displayed as they become available and can be viewed on the Public requests tab, or on the My requests tab if you submitted the file privately.

If a file was already submitted by another Kaspersky Threat Intelligence Portal user during the past hour, the corresponding execution results will be displayed without starting file analysis, regardless of your exceeded quota and report limits.

Submitted files are executed according to the parameters described in the table below:

File execution parameters




Execution environment

Microsoft Windows® 7 x64

Operating system where the file is executed.

Execution time

100 seconds

The uploaded file will only be executed in the environment. This process takes 100 seconds. The specified time does not include the time required for file analysis and displaying the results.

File type

Automatically defined by Kaspersky Threat Intelligence Portal

If you submit a Microsoft Office document or a Portable Document Format file (.PDF), Kaspersky Threat Intelligence Portal attempts to close this file during the analysis (after 50 seconds). If the file of a different format name ends with one of these extensions, Kaspersky Threat Intelligence Portal attempts to close it.

If you submit a .zip archive, Kaspersky Threat Intelligence Portal attempts to unzip it before execution. An archive can be successfully unzipped if it contains only one file and is not password protected (or if it is protected by a standard password: infected, malware, or virus).

If unzipping fails, the file is executed as an archive.

HTTPS traffic


HTTPS traffic that is generated by the object during execution is decrypted.

Internet channel


Automatically selected Internet channel that belongs to any region and does not direct traffic through the TOR network.

Page top