The Summary section represents general information about file execution results.
The following circle charts are displayed:
Total number of objects detected during file execution, and proportion of objects with Malware (red), Adware and other (yellow), and YARA detects status.
Click circle chart segments to navigate to the Threats tab.
Total number of suspicious activities that were registered during object execution, and the proportion of activities with High (red), Medium (yellow), and Low (gray) levels.
Click circle chart segments to navigate to the Threats tab.
Total number of files that were downloaded or dropped by the object during execution, and the proportion of files with statuses Malware (extracted files that can be classified as malicious, in red), Adware and other (extracted files are legitimate but infected or compromised at the moment of the analysis, in yellow), Clean (extracted files that can be classified as not malicious, in green), and Not categorized (no information about extracted files is available, in gray).
Click circle chart segments to navigate to the Extracted files tab.
Total number of registered network interactions that the object performed during the execution process, and the proportion of network interactions with the statuses Dangerous (requests to resources with the Dangerous status, in red), Adware and other (requests to resources with the Adware and other status, in yellow), Good (requests to resources with the Good status, in green), and Not categorized (requests to resources with the Not categorized status, in gray).
Click circle chart segments to navigate to the Network activities tab.
Statistical information is represented only for the displayed results. Data in the exported results and/or API responses may differ from data displayed in the web interface.
Also, in the Summary section, the execution task details are displayed:
Date and time when the file was uploaded.
Date and time when file analysis was completed.
Date and time when the anti-virus databases were updated.
Selected environment (operating system) for the file execution.
Specified time of file execution, in seconds.
Information whether the password for the protected document was specified.
Name of the network channel that was used by the object to access the internet.
Information about whether the HTTPS traffic generated by the object was decrypted during execution.
Information about whether the debug report was generated during task execution.
Information about whether Kaspersky Research Sandbox browsed the links in the documents that were opened in the Sandbox.
Information about whether the VNC mode was used during the web address browsing.
Information about whether the sample execution in the virtual machine started immediately, without additional user actions.
Information about whether the clicker was disabled for the task in Windows environments.
File with Suricata rules that was used during the analysis. Click the file name to download the Suricata file.
Status of the file scan by using the Suricata rules (for example, Completed or Processing error). For more information about errors related to Suricata rules, please see Execution task errors section.
Date and time when the file was scanned by using the Suricata rules.
Size of the executed file in bytes.
Sample name and extension which was used to run is in the execution environment.
Automatically detected type of executed file.
File with YARA rules that was used during the analysis. Click the file name to download the YARA file.
Status of the file scan by using the YARA rules (for example, Completed or Processing error). For more information about errors related to YARA rules, please see Execution task errors section.
Date and time when the file was scanned by using the YARA rules.
Command line parameters that were used to execute the object in the Sandbox.