Kaspersky Threat Intelligence Portal provides information about activities that were registered during the file execution.
This tab is available only for registered users.
Loaded PE images
Loaded PE images that were detected during the file execution.
Loaded PE images
Field name |
Description |
|---|---|
Path |
Full path to the loaded PE image. |
Size |
Size of the loaded PE image in bytes. |
File operations
File operations that were registered during the file execution.
File operations
Field name |
Description |
|---|---|
Operation |
Operation name. |
Name |
Path and name of the file. |
Size |
Size of the file in bytes. |
Registry operations
Operations performed on the operating system registry that were detected during the file execution. Operations that have led to suspicious activities are shown first.
Registry operations
Field name |
Description |
|---|---|
Operation |
Operation name. |
Details |
Operation attributes. |
Process operations
Interactions of the file with various processes that were registered during the file execution.
Process operations
Field name |
Description |
|---|---|
Interaction type |
Type of interaction between the executed file and a process. |
Process name |
Name of the process that interacted with the executed file. |
Synchronize operations
Operations of created synchronization objects (mutual exclusions (mutexes), semaphores, and events) that were registered during the file execution.
Synchronize operations
Field name |
Description |
|---|---|
Type |
Type of the created synchronization object. |
Name |
Name of the created synchronization object. |