[MDS] Response/Tools - Pinpoint Detection
You can specify a suspicious file or URL for pinpoint detection. and get the scan results in real-time.
2. Menu tree
Click Response on the top > Select the Pinpoint Detection tab > click Search ().
- Status: The scan status - In progress, Succeeded or Failed.
- Scan Result: The scan result - Normal or Malicious.
- Type: The scan target - File or URL.
- Scan Target: The scanned host.
- Pinpoint Detection Event ID: The scan ID.
- Event ID: The event ID that resulted in pinpoint scan command.
- Scan Requested Time: The time the scan was requested.
- Scan Completed Time: The time the scan was completed.
4. How to run the Pinpoint Detection
1) Response Menu
- Click Response on the top > Select the Pinpoint Detection tab > Click Pinpoint Detection on the top-left.
-As for the file, click Browse... and add or drag-and-drop the file to scan. As for URL, enter the URL to scan.
- Set the following pinpoint detection settings.
Dynamic analysis time: Enter between 10 - 3,600 seconds for the file analysis time in a virtual machine (VM) environment. If you exceed the entered time, the dynamic analysis will end.
Password: To scan encrypted files with password, enter the password to decrypt the file.
Parameter: Enter specific parameter conditions that can provoke malware behaviors of the malware file.
- Click Scan.
2) Tools Menu
- Click Tools on the top >Select the Pinpoint Detection tab.
- <Pinpoint Detection> appears. Select File or URL.
- Set the pinpoint detection settings.
- When the pinpoint scan is completed, select Response on the top.
- Select the Pinpoint Detection tab and check the scan results.
※ You can run the pinpoint scan on all extensions in size up to 300 MB as maximum.
※ To save the result in CSV format on your local PC, click Export.