EDR+MDR - File Analysis

Written By Marissa Fegan (Super Administrator)

Updated at October 1st, 2024

File Analysis allows you to upload any file to be analyzed by VIPRE then shows the result within a table that is filterable by date/time, status, risk, or user.

File Analysis is an important forensic tool to determine if some unknown file might be malicious, or not, and to provide detailed information about what kind of damage it might have done to an endpoint. You can also extract Indicators of Compromise that will help you identify other systems in your environment that might have been impacted by similar malicious files.

Header Description
File Name of the file that's been uploaded for analysis; clicking the name of the file provides details including whether any threats were detected (and what type), an Analysis Graph, anything that indicates a compromise, and a screenshot of the file.

 
Risk

Level of risk VIPRE has determined exists within the file

  • No risk found
  • Low risk
  • Suspicious
  • Malicious
Activity

Clicking on the icons opens the following information: 

  • System Changes
  • Network Activities
  • Registry Changes
  • Process Tree
User Name and email address of the user who uploaded the file
Created Date and time the file was uploaded

Available actions:

  • Download file
  • VirusTotal Lookup
  • Search in Google
  • Copy MD5
  • Submission Options
  • Delete