Below is the list of available detection categories. These categories are applicable to Kaspersky feeds and OSINT feeds supported by Kaspersky CyberTrace.
Detection category |
Description |
KL_APT_Hash_MD5 |
Hash of a malicious file used in an APT campaign is detected by Kaspersky CyberTrace. |
KL_APT_Hash_SHA1 |
Hash of a malicious file used in an APT campaign is detected by Kaspersky CyberTrace. |
KL_APT_Hash_SHA256 |
Hash of a malicious file used in an APT campaign is detected by Kaspersky CyberTrace. |
KL_APT_IP |
IP address used in an APT campaign is detected by Kaspersky CyberTrace. |
KL_APT_URL |
URL used in an APT campaign is detected by Kaspersky CyberTrace. |
KL_BotnetCnC_URL |
Botnet C&C URL is detected by Kaspersky CyberTrace. |
KL_ICS_Hash_MD5 |
ICS hash is detected by Kaspersky CyberTrace. |
KL_ICS_Hash_SHA1 |
ICS hash is detected by Kaspersky CyberTrace. |
KL_ICS_Hash_SHA256 |
ICS hash is detected by Kaspersky CyberTrace. |
KL_InternalTI_URL |
URL of the Internal TI list of Kaspersky CyberTrace. |
KL_InternalTI_IP |
IP of the Internal TI list of Kaspersky CyberTrace. |
KL_InternalTI_Hash_MD5 |
Hash of the Internal TI list of Kaspersky CyberTrace. |
KL_InternalTI_Hash_SHA1 |
Hash of the Internal TI list of Kaspersky CyberTrace. |
KL_InternalTI_Hash_SHA256 |
Hash of the Internal TI list of Kaspersky CyberTrace. |
KL_IoT_Hash_MD5 |
Hash of an IoT is detected by Kaspersky CyberTrace. |
KL_IoT_Hash_SHA1 |
Hash of an IoT is detected by Kaspersky CyberTrace. |
KL_IoT_Hash_SHA256 |
Hash of an IoT is detected by Kaspersky CyberTrace. |
KL_IoT_URL |
URL that infects Internet of Things-enabled (IoT) devices is detected by Kaspersky CyberTrace. |
KL_IP_Reputation |
Malicious IP address is detected by Kaspersky CyberTrace. |
KL_Malicious_URL |
Malicious URL is detected by Kaspersky CyberTrace. |
KL_Malicious_Hash_MD5 |
Malicious hash is detected by Kaspersky CyberTrace. |
KL_Malicious_Hash_SHA1 |
Malicious hash is detected by Kaspersky CyberTrace. |
KL_Malicious_Hash_SHA256 |
Malicious hash is detected by Kaspersky CyberTrace. |
KL_Mobile_Malicious_Hash_MD5 |
Mobile malicious hash is detected by Kaspersky CyberTrace. |
KL_Mobile_Malicious_Hash_SHA1 |
Mobile malicious hash is detected by Kaspersky CyberTrace. |
KL_Mobile_Malicious_Hash_SHA256 |
Mobile malicious hash is detected by Kaspersky CyberTrace. |
KL_Mobile_BotnetCnC_URL |
Mobile botnet C&C URL is detected by Kaspersky CyberTrace. |
KL_Phishing_URL |
Phishing URL is detected by Kaspersky CyberTrace. |
KL_Ransomware_URL |
URL that hosts ransomware is detected by Kaspersky CyberTrace. |
AbuseCh_Feodo_Block_IP |
IP address from the Abuse.Ch_Feodo_Block_IP feed is detected by Kaspersky CyberTrace. |
AbuseCh_Ransomware_Block_URL |
URL from the Abuse.Ch_Ransomware_Block_URL feed is detected by Kaspersky CyberTrace. |
AbuseCh_Ransomware_Block_Domain |
Domain from the Abuse.Ch_Ransomware_Block_Domain feed is detected by Kaspersky CyberTrace. |
AbuseCh_Ransomware_Block_IP |
IP address from the Abuse.Ch_Ransomware_Block_IP feed is detected by Kaspersky CyberTrace. |
AbuseCh_Ransomware_Common_URL |
URL from the Abuse.Ch_Ransomware_Common_URL feed is detected by Kaspersky CyberTrace. |
AbuseCh_SSL_Certificate_Block_IP |
IP address from the AbuseCh_SSL_Certificate_Block_IP feed is detected by Kaspersky CyberTrace. |
AbuseCh_SSL_Certificate_Hash_SHA1 |
Hash from the AbuseCh_SSL_Certificate_Hash_SHA1 feed is detected by Kaspersky CyberTrace. |
BlocklistDe_Block_IP |
IP from the BlocklistDe_Block_IP feed is detected by Kaspersky CyberTrace. |
CyberCrime_Tracker_Block_Url |
URL from the CyberCrime_Tracker_Block_Url feed is detected by Kaspersky CyberTrace. |
EmergingThreats_Block_IP |
IP address from the EmergingThreats_Block_IP feed is detected by Kaspersky CyberTrace. |
EmergingThreats_Compromised_IP |
IP address from the EmergingThreats_Compromised_IP feed is detected by Kaspersky CyberTrace. |