Investigate: Scan For Malware Dialog

Document created by RSA Information Design and Development on Sep 18, 2017Last modified by RSA Information Design and Development on May 8, 2018
Version 15Show Document
  • View in full screen mode
 

In the Scan for Malware dialog, Malware Analysis analysts can upload files to investigate in Malware Analysis.

To access this dialog go to the Malware Analysis view. In the Select a Malware Analysis Service dialog, select a service in the left panel, then click The Scan Files button in the right panel.

Workflow

high-level Investigate workflow with Scan Files and Hosts for Malware and associated actions highlighted

What do you want to do?

                                                
User RoleI want to ...11.1 Documentation
Threat Hunter

browse event metadata

Begin an Investigation in the Navigate or Events View

Threat Hunter

browse raw events

Begin an Investigation in the Navigate or Events View

Threat Hunter

analyze raw events and metadata

Begin an Investigation in the Event Analysis View

Threat Hunterinvestigate endpoints (Version 11.1)Investigate Hosts

Threat Hunter

find suspicious endpoint files (Version 11.1)

Investigate Files

Threat Hunterscan files and events for malware*Conducting Malware Analysis

Incident Responder

triage an incident in Investigate

NetWitness Respond User Guide

*You can perform this task in the current view.

Related Topics

Quick Look

The figure below illustrates the Scan for Malware dialog, and The following table describes the features available in the dialog.

This is the Scan for Malware dialog

                                           
FeatureDescription
Add icon Uploads a file from your computer.
Delete icon Deletes a file from the list.
File NameDisplays the names of the files added to the list.
NameAllows you to name the scan job.
CommunityDisplays options for Community to bypass or ignore certain types of files:
  • Bypass Executable
  • Bypass Office
  • Bypass PDF
SandboxDisplays options for Sandbox to bypass or ignore certain types of files:
  • Bypass Executable
  • Bypass Office
  • Bypass PDF
CancelCloses the dialog without performing any actions.
ScanScans the uploaded files.
Previous Topic:Query Dialog
You are here
Table of Contents > Investigate Reference Materials > Scan For Malware Dialog

Attachments

    Outcomes