SMB File Download Overview
Access the SMB File Download page from the Monitor > Files > SMB File Downloads menu.
The Server Message Block (SMB) protocol enables applications or users to access files and other resources on a remote server.
Benefits of viewing SMB File Downloads
-
Allows you to view a compiled list of suspicious downloaded files all in one place, including the signature, threat level, URL, and malware type.
-
Allows you to filter the list of downloaded files by individual categories.
Export Data—Click the Export button to download file scanning data to a CSV file. You are prompted to narrow the data download to a selected time-frame.
The following information is available on this page.
|
Field |
Definition |
|---|---|
|
Detection Engine |
Displays the name of the detection engines with the highest confidence in threat detection. For more information, see Table 2. Other detection engines can also reach the same verdict. When two or more detection engines detects the same malware, the verdict engine determines which detection engine should be displayed in this column. |
|
Signature ID / SHA-256 / ML Hit |
If applicable, the Signature ID uniquely identifies the signature that is triggered for this detection; otherwise, the SHA-256 file hash is displayed.
|
|
Threat Level |
The threat score. |
|
Filename |
The name of the file, including the extension. |
|
Last Submitted |
The time and date of the most recent scan of this file. |
|
URL |
The URL from which the file originated. |
|
Malware |
The name of file and the type of threat if the verdict is positive for malware. Examples: Trojan, Application, Adware. If the file is not malware, the verdict is "clean." |
|
Category |
The type of file. Examples: PDF, executable, document. |