Searching recent execution results

The History table on the Sandbox page contains recent analysis results for both file execution and web address browsing. You can use keywords, sorting, and filters to find the required results.

To search for specific analysis results:

  1. Enter search criteria in the Search field, and press Enter.

    In this field, you can search by file name or extension, hash (MD5, SHA1, or SHA256), or web address.

  2. If necessary, sort analysis results by the following parameters:
    • Created—Results will be sorted by the date and time the task was created.
    • Analyzed—Results will be sorted by the date and time the task was analyzed.
    • File size—Results will be sorted by the object size.

    By default, analysis results are sorted by the Created parameter.

  3. If necessary, sort analysis results in ascending or descending order. By default, the results are sorted in descending order.
  4. If necessary, specify the number of displayed results per page: 10, 20, 40, 60, or 100. By default, 10 results per page are displayed.
  5. If necessary, for advanced search, click the filter icon and specify the necessary options:
    • Created—Date pickers (calendar) for specifying the period in which the task was created.
    • Zone—Zone of the analyzed objects: All, Clean, Malware, Adware and other, Not trusted, Dangerous, or Not categorized. The zone is defined according to the results obtained from Kaspersky Security Network or Kaspersky Private Security Network (depending on the configuration), anti-virus scan results, and dynamic analysis results.

      The search by Zone uses the value that was initially received (when the object was scanned) and saved in Kaspersky Research Sandbox. By the time these tasks are displayed, the Zone value may have changed as a result of a repeated request to the reputation service.

    • Status—Task processing state: All, Completed, In progress, Processing failed, Disposed.
    • File size—File size range, in bytes.
    • File extension—File extension of the analyzed item.
    • Execution environment—Operating system that was used as an execution or browsing environment.
    • Custom YARA files—Samples for which custom YARA rules were used.
    • Custom Suricata files—Samples for which custom Suricata rules were used.
    • VNC access—Samples for which VNC Access was used.

    Click Search to apply filters.

The History table will contain analysis results that match your search criteria.
