Extracted files tab

Kaspersky Threat Intelligence Portal provides information about files that were extracted from network traffic or saved by the executed file during the execution. The results are displayed in separate tables, each of which contains up to 10 entries.

Kaspersky Threat Intelligence Portal displays all intermediate versions of the files downloaded or dropped during the object execution.

Extracted files

Each table is described below by its name, description, table fields, and comments.

Packed object content

Information about each file in the uploaded object.

Status—Danger level of the file.

MD5—MD5 hash of the file. This item is clickable. Hover your mouse over the required item and click Lookup to navigate to the Threat Lookup page. This will display investigation results for the file detected by the MD5 hash. Investigation results are available only if you have a valid Threat Lookup license and have not exceeded your object investigation quota. If you requested this hash in the past 24 hours, the Threat Lookup quota for your group is not affected.

Investigation results for certain hashes in this section may be unavailable on the Threat Lookup results page.

Click Download to download the item as a password-protected .zip archive. Use the default password "infected" to unpack the archive.

The archive may contain objects that could harm your device or data, if handled improperly. By downloading, you accept full responsibility for the handling of downloaded objects contained in the archive. You can only use the downloaded content to increase the level of protection of your devices and systems.

File name—File name and path from the root of the uploaded object.

Packer—Name of the packer used to pack the uploaded object.

File type—Automatically detected file type.

Detection names—Names of detected objects.

Transferred files

Files extracted from network traffic during file execution.

Status—Status of the transferred file (Clean, Adware and other, Malware, Not categorized).

If the file is related to an advanced persistent threat (APT) attack or mentioned in a threat intelligence report, the corresponding category is displayed by the file zone. You can click the corresponding MD5 hash to navigate to the Threat Lookup results page. If you have a valid commercial license for the corresponding service, and the file is related to an APT attack and/or mentioned in a report, a link to the corresponding report on the Reporting page is displayed.

MD5—MD5 hash of the transferred file. This item is clickable. Hover your mouse over the required item and click Lookup to navigate to the Threat Lookup page, which has investigation results for the file detected by the MD5 hash. Investigation results are available only if you have a valid Threat Lookup license and have not exceeded your quota for object investigation. If you requested this hash in the past 24 hours, the Threat Lookup quota for your group is not affected.

Investigation results for certain hashes in this section may be unavailable on the Threat Lookup results page.

Click Download to download the item as a password-protected .zip archive. Use the default password "infected" to unpack the archive.

The archive may contain objects that could harm your device or data, if handled improperly. By downloading, you agree that you are informed and accept full responsibility for the handling of downloaded objects contained in the archive. You can only use the downloaded content to increase the level of protection of your devices and systems.

Type—Automatically detected file type.

Size—File size in bytes.

Traffic—Traffic that the transferred file was extracted from (HTTP or HTTPS).

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker). Each item in the list is clickable—you can click it to view a description at the Kaspersky threats website.

Items in the table are sorted by status.

Dump files

Dump files (snapshots) of the file execution process and loaded modules.

This table is available only for execution environments that have the Android operating system installed.

Status—Danger zone (level) of the file (Clean, Adware and other, Malware, Not categorized).

File name—Name of the dump file.

Type—Automatically detected file type.

Size—File size in bytes.

MD5—MD5 hash of the file. This item is clickable. Hover your mouse over the required item and click Lookup to navigate to the Threat Lookup page, which has investigation results for the file detected by the MD5 hash. Investigation results are available only if you have a valid Threat Lookup license and have not exceeded your quota for object investigation. If you requested this hash in the past 24 hours, the Threat Lookup quota for your group is not affected.

Investigation results for certain hashes in this section may be unavailable on the Threat Lookup results page.

Click Download to download the item as a password-protected .zip archive. Use the default password "infected" to unpack the archive.

The archive may contain objects that could harm your device or data, if handled improperly. By downloading, you agree that you are informed and accept full responsibility for the handling of downloaded objects contained in the archive. You can only use the downloaded content to increase the level of protection of your devices and systems.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker). Each item in the list is clickable—you can click it to view a description at the Kaspersky threats website.

Dropped files

Files saved by the executed file.

Status—Status of the downloaded file (Clean, Adware and other, Malware, Not categorized).

If the file is related to an advanced persistent threat (APT) attack or mentioned in a threat intelligence report, the corresponding category is displayed by the file zone. You can click the corresponding MD5 hash to navigate to the Threat Lookup results page. If you have a valid commercial license for the corresponding service, and the file is related to an APT attack and/or mentioned in a report, a link to the corresponding report on the Reporting page is displayed.

MD5—MD5 hash of the downloaded file. This item is clickable. Hover your mouse over the required item and click Lookup to navigate to the Threat Lookup page, which has investigation results for the file detected by the MD5 hash. Investigation results are available only if you have a valid Threat Lookup license and have not exceeded your quota for object investigation. If you requested this hash in the past 24 hours, the Threat Lookup quota for your group is not affected.

Investigation results for certain hashes in this section may be unavailable on the Threat Lookup results page.

Click Download to download the item as a password-protected .zip archive. Use the default password "infected" to unpack the archive.

The archive may contain objects that could harm your device or data, if handled improperly. By downloading, you agree that you are informed and accept full responsibility for the handling of downloaded objects contained in the archive. You can only use the downloaded content to increase the level of protection of your devices and systems.

Type—Automatically detected file type.

Size—File size in bytes.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker). Each item in the list is clickable—you can click it to view a description at the Kaspersky threats website.

File name—File name of the downloaded file.

Items in the table are sorted by status.
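
The Download action described for each table above produces a password-protected .zip archive. The following Python code is an added example, not part of the Kaspersky documentation: it hashes each archive member in memory, without writing anything to disk, and checks the result against MD5 values copied from the table. It assumes the archive uses legacy ZipCrypto encryption, which Python's zipfile module can decrypt; the function names, file names, and sample archive are constructed for illustration.

```python
import hashlib
import io
import zipfile

ARCHIVE_PASSWORD = b"infected"  # default password stated on this page


def verify_archive(zip_bytes, expected_md5s, max_member_size=64 * 1024 * 1024):
    """Hash every member in memory and compare with MD5s copied from the portal.

    Nothing is written to disk, so a sample cannot be opened by accident.
    Assumption: ZipCrypto encryption (zipfile cannot decrypt AES archives).
    Returns {member_name: (md5_hex, matched)}.
    """
    expected = {h.strip().lower() for h in expected_md5s}
    results = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Refuse oversized members before decompressing (zip-bomb guard).
            if info.file_size > max_member_size:
                raise ValueError(f"{info.filename}: declared size too large")
            digest = hashlib.md5()
            with zf.open(info, pwd=ARCHIVE_PASSWORD) as member:
                for chunk in iter(lambda: member.read(65536), b""):
                    digest.update(chunk)
            md5_hex = digest.hexdigest()
            results[info.filename] = (md5_hex, md5_hex in expected)
    return results


def build_sample_archive():
    """Constructed stand-in for a downloaded archive (unencrypted, harmless text)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample_a.bin", b"constructed sample A")
        zf.writestr("sample_b.bin", b"constructed sample B")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed value standing in for an MD5 copied from the table.
    table_md5 = hashlib.md5(b"constructed sample A").hexdigest()
    report = verify_archive(build_sample_archive(), [table_md5])
    for name, (md5_hex, ok) in report.items():
        print(f"{name}  {md5_hex}  {'matches table' if ok else 'NOT in table'}")
```

A member whose hash is not in the expected set indicates that the archive content does not correspond to the table row it was downloaded from and should be re-downloaded before analysis.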
