Submitted files

ESET Dynamic Threat Defense is a service that provides advanced protection from never-before-seen threats. A user can submit files for malware analysis in the cloud environment and receive a report about sample behavior. See the ESET Dynamic Threat Defense User guide for step-by-step instructions. You can remotely submit a file directly from ESMC Web Console under Threats > Show Details > Send File to EDTD.

The Submitted files window provides a list of all files submitted to ESET servers.

Submitted files window

You can see the list of submitted files and information related to those files, like the user who submitted the file and submission date. Click the submitted file and select an action from the drop-down menu.

details_default Show Details

Click to view the latest submission tab.

behavior View Behavior

View the  behavioral analysis report for a given sample.

excluion Add Exclusion To Policy

Select one or more files and click Add Exclusion To Policy to add a detection exclusion for the selected files to an existing policy. Select one policy in the pop-up window and click Add.

 

File Details Window

File Details window contains a list of file details for the selected file. It a file is submitted multiple times, details for the last submission are displayed.

Status

Result of malware analysis.

Unknown - the file was not analyzed.

Clean - none of the detection engines evaluated file as malware.

Suspicious, Highly suspicious - the file displays suspicious behavior but may not be malware.

Malicious - the file displays dangerous behavior.

State

State of the analysis. The status Re-analyzing means the result is available, but it may change after further analysis.

Last processed on

A file can be submitted for analysis many times, from more computers. This is the time of the last analysis.

Sent on

The time of submission.

Behaviors

Click View behavior to see the analysis from ESET Dynamic Threat Defense. This is only valid if the computer which submitted the file has an active ESET Dynamic Threat Defense license.

Computer

The name of the computer from which the file was submitted.

User

Computer user who submitted the file.

Reason

The reason the file was submitted.

Sent to

Part of the ESET cloud that has received the file. Not every submitted file is analyzed for malware.

Hash

SHA1 hash of the submitted file.

Size

Size of the submitted file.

Category

Category of the file. Category may not follow the file extension.

For more information about ESET Dynamic Threat Defense behavioral reports see the documentation.

Add filter and filter presets

To add filtering criteria, click Add filter and select item(s) from the list. Enter the search string(s) into the filter field(s). Active filters are highlighted in blue.

Filters can be saved to your user profile so that you can use them again in the future. Under Presets the following options are available:

Filter sets - your saved filters, click one to apply it. The applied filter is denoted with a apply_default check mark. Select Include visible columns, sorting and paging to save these parameters to the preset.

add_new_defaultSave filter set - Save your current filter configuration as a new preset. Once the preset is saved, you can not edit the filter configuration in the preset.

edit_defaultManage filter sets - Remove or rename existing presets. Click Save to apply the changes to presets.

Clear filter values - Click to remove only the current values from the selected filters. Saved presets will remain unchanged.

Remove filters - Click to remove the selected filters. Saved presets will remain unchanged.

Remove unused filters - Remove filter fields with no value.