McAfee QUICKCLEAN 3.0 User's Guide Page 108
- Page / 140
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Table 7-6 Analysis Summary report sections (continued)
Item Description
8 GTI URL Reputation. This provides McAfee GTI reputation and severity for the URL.
9 Network activity. This section provides the details of every network operation during
dynamic analysis of the sample.
10 Screen-shots section. This section displays all the pop-up windows during dynamic
analysis. By viewing these screenshots, you can determine if user intervention is
required during dynamic analysis to know the actual behavior of the file. If user
intervention is required, you can submit the file manually in user-interactive mode.
Analysis Results section
This is a section in the Analysis Summary report. In this section, you can view which methods
reported that a sample file contains a malware.
Table 7-7 Down Selector's Analysis
Label Description
Engine
These are the possible methods that McAfee Advanced Threat Defense uses to analyze a
file.
• GTI File Reputation: Indicates McAfee GTI that is on the cloud.
• Gateway Anti_Malware: Indicates McAfee Gateway Anti-Malware engine.
• Anti-Malware: Indicates McAfee Anti-Malware Engine.
• Sandbox: Indicates that the file was executed in an analyzer VM. Refer to the Analysis
Environment section within the report to know the details of that VM.
Threat Name
Indicates the name for known malware in McAfee GTI, McAfee Gateway Anti-Malware
engine, and McAfee Anti-Malware Engine.
Severity
Indicates the severity score from various methods. The highest severity score by a
particular method is used to assign the final severity level for the sample.
Analysis Environment section
This is a section in the Analysis Summary report. You can find the following details in this section:
• Details of the corresponding analyzer VM such as the operating system, browser and version, and
the applications and their versions installed on the analyzer VM.
Figure 7-5 Analysis Environment section
• The time when the sample was submitted as per McAfee Advanced Threat Defense Appliance's
clock.
• The time taken to analyze the file and generate the reports.
7
Analyzing malware
View the analysis results
108
McAfee Advanced Threat Defense 3.0.4 Product Guide
- Product Guide 1
- COPYRIGHT 2
- TRADEMARK ATTRIBUTIONS 2
- LICENSE INFORMATION 2
- License Agreement 2
- Contents 3
- 5 Creating analyzer VM 41 4
- 7 Analyzing malware 97 4
- Index 139 5
- About this guide 7
- Find product documentation 8
- Advanced 9
- Malware detection and McAfee 10
- Advanced Threat Defense 10
- Web Gateway 14
- Defense Appliance 17
- Warnings and cautions 19
- Usage restrictions 19
- Unpack the shipment 20
- Check your shipment 20
- Port numbers 24
- Handling the front bezel 27
- Connect the network cable 28
- Defense web application 31
- Viewing user profiles 34
- Add users 35
- Figure 4-3 Add users 36
- Edit Users 37
- Delete Users 38
- Troubleshooting 39
- Delete the analysis results 40
- Creating analyzer VM 41
- • Confirm — Enter cr@cker42 45
- Processor Configuration 47
- Network Type 49
- Select I/O Controller Types 49
- Figure 5-12 Select a disk 50
- Select Write 58
- • Password — Enter cr@cker42 65
- Figure 5-33 Run sigcheck.exe 67
- Figure 5-36 Run MergeIDE 68
- Figure 5-37 Warning message 68
- Figure 5-38 Activate Windows 69
- Figure 5-39 Settings option 70
- Managing VM profiles 74
- View VM profiles 75
- Create VM profiles 76
- Figure 5-51 Shut down the VM 78
- Figure 5-53 79
- Edit VM profiles 80
- Delete VM profiles 80
- View the VM creation log 81
- Defense for malware analysis 83
- Terminologies 84
- Managing analyzer profiles 87
- View analyzer profiles 88
- Create analyzer profiles 89
- Integration with McAfee ePO 91
- Analyzing malware 100
- View the analysis results 102
- Analysis Results section 108
- Analysis Environment section 108
- Operations details section 109
- Disassembly Results 110
- Dropped files report 110
- Logic Path Graph 111
- User API Log 116
- Malware analysis monitors 118
- File Counters 119
- Files analyzed by File Type 119
- Analyzer Profile Usage 120
- Top malware by file name 120
- VM Creation Status monitor 121
- System Information 122
- Threat Defense 123
- CLI syntax 124
- Log on to the CLI 125
- Meaning of "?" 125
- Appliance 125
- List of CLI commands 126
Related products and manuals for Networking McAfee QUICKCLEAN 3.0
(12 pages)© 2020, manymanuals.com. All rights reserved. | 1.141 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals