Analysis file report

The Analysis subject sections display detailed information about the file or files contained or accessed by the sample as it was processed by the VMware backend. Click the plus icon to expand the section.

For an executable file, the following data is displayed:

  • Name The name of the executable, if available.

  • MD5 The MD5 hash of the file. Click Intelligence pages icon to view the file in Intelligence pages.

  • SHA1 The SHA1 hash of the file. Click Intelligence pages icon to view the file in Intelligence pages.

  • File type The type of executable, for example, PE executable, application, 32-bit, Intel i386.

  • File size The file size.

  • Command line The full command line, including any arguments or options. For example, C:\Users\ExampleUser\AppData\Local\Temp\exe_malware.exe.

  • Execution context The privilege level invoked by the executable.

  • Architecture The architecture of the executable.

  • Analysis reason Why the VMware backend started processing the file.