Aggregated Events

This information can be found here:

File modifications—how many file modifications were made by this executable. By clicking the path, you are redirected to the Events view

File reads—show which files with sensitive content were read by the process

Registry modifications—how many registry modifications were made by this executable. By clicking the path, you are redirected to the Events view

Network connections—how many network connections were made by this executable. By clicking the path, you are redirected to the Events view

URL connections—to how many URLs did the executable connected. By clicking the path, you are redirected to the Events view

Dropped Executables—the list of executables dropped by this executable. When you click the name of the executable in the left column, you are redirected to Executable details. By clicking the path, you are redirected to the Events view

DNS Resolutions—the list of DNS events triggered by this executable.

As an additional filter, there is an Argument field in which you can specify, for example, the path to the file modifications, registry key in registry modifications, and so on.

For more events, you can click the LOAD MORE button to load more or click the LOAD ALL button to load all events, but be aware that it can take a big amount of time to load all at once. The oldest data are loaded first.