File execution in Sandbox may fail, be completed with an error, or generate incomplete results. In this case, Kaspersky Research Sandbox displays an abridged (short) report. The displayed information is based on the results of the file scan and data from Kaspersky expert systems. For web addresses, abridged (short) reports are not available.
Web interface limitations
The Summary section in the web interface represents general information about file execution results.
The following circle charts are displayed:
Total number of objects that were detected during the file execution, and the proportion of objects classified as Malware (red) and Adware and other (yellow).
Click circle chart segments to navigate to the Threats tab.
The following tables are available: Sandbox detection names and YARA detections (for execution environments based on Microsoft Windows).
Total number of files that were downloaded or dropped by the object during the execution process, and the proportion of files with the statuses Malware (extracted files that can be classified as malicious, in red), Adware and other (extracted files are legitimate but infected or compromised at the moment of the analysis, in yellow), Clean (extracted files that can be classified as not malicious, in green), and Not categorized (no information about extracted files is available, in gray).
Click circle chart segments to navigate to the Extracted files tab.
On the Extracted files tab, only data from the Packed object content section is available.
Exporting data limitations
Abridged report exporting has the following limitations:
<report:Indicators> section includes sections for which data are available.State=Completed). Export is not available for failed and completed with error tasks.Kaspersky Research Sandbox API limitations
Obtaining abridged reports using the Kaspersky Research Sandbox API has the following limitations:
TaskState=Processing failed.