The Object information section can display the following event information about the detected file:
Object—Name of the file.
By clicking the Download link next to the file name, you can download the file to the hard drive of your computer.
The file is downloaded in the form of a ZIP archive encrypted with the password “infected”. The name of the file inside the archive is replaced by the file's MD5 hash. The file extension of file inside the archive is not displayed.
Object type—Type of the file. For example: ExecutableWin32.
File size—Size of the file.
MD5—MD5 hash of a file.
Clicking the link with MD5 opens a list in which you can select one of the following actions:
Find on Kaspersky Threat Intelligence Portal.
Find events.
Create a prevention rule.
Copy value to clipboard.
SHA256—SHA256 hash of a file.
Clicking the SHA256 link opens a list in which you can select one of the following actions:
Find on Kaspersky Threat Intelligence Portal.
Find on virustotal.com.
Find events.
Create a prevention rule.
Copy value to clipboard.
Email from—Email address from which the message containing the file was sent.
Email recipients—One or more email addresses to which the message containing the file was sent.
Email subject—Message subject.
Email headers—Extended set of email message headers. For example, it can contain information about email addresses of the message sender and recipients, about mail servers that relayed the message, and the type of content in the email message.