Analyze File

To analyze files, click Analyze File on the left pane. The page provides the following options:

  • Upload file for analysis.
  • File analysis report: the history of uploads in tabular format with sorting options. You can search the upload history using filters such as days, status, and source of submission.
  • Advanced Global Search using free text search and predefined filters.

Upload File for Analysis

You can upload a single file or a ZIP file to be scanned by the Seqrite Malware Analysis Platform (SMAP) and then view the generated analysis report. The file size must be less than 100 MB.
Threats, if any, are detected by various scanners and highlighted in the generated consolidated report. You can also upload password-protected ZIP files for analysis.
The Seqrite Malware Analysis Platform supports the Windows, Linux and Android operating systems.

After analysis, if SMAP identifies a file as malicious or ransomware, you can choose to share it as intel (IoC) with Seqrite Threat Intel (STI) through the SMAP – STI integration. To learn more about sharing intel with STI, refer to Share Intel with Seqrite Threat Intel.

Note: SMAP – STI integration is an add-on feature and requires activation. Please contact the support team to enable it.

Seqrite Malware Analysis Platform supports the following file types for analysis:

Category | File Type
Office Documents | .doc, .docx, .docm, .potx, .potm, .rtf, .xls, .xlsx, .xlsm, .xlsb, .ppt, .pptm, .pptx, .pps, .ppsx, .ppsm, .ppam, .odt, .ods, .odp, .csv
Scripts | .js, .py, .ps1, .bat, .vbs, .hta, .sh, .vba, .vbe, .vb, .reg, .python
Executables | .exe, .dll, .msi, .jar, .bat, .ps1, .vbs, .hta, .sh, .lnk, .elf
Archives | .zip, .cab, .7z, .rar, .tgz, .gz, .lzma, .xar, .gzip
Web Content | .html, .xml, .swf, .js, .htm, .url
Linux Executable | .elf, .sh, .py
Email Files | .eml, .msg
PDF & Portable | .pdf, .txt, .chm, .fpx, .asf, .hwp
Android | .apk (x86, ARM and Android OS: 4.0 and above)

Note: You can upload a ZIP folder with a maximum of 10 files compressed within it.
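
The limits above (supported extensions, size under 100 MB, at most 10 files per ZIP, password needed for protected ZIPs) can be checked locally before submission. The following is an added example, not part of the Seqrite product or its documentation; the function names, the reading of 100 MB as binary megabytes, and the sample archives are assumptions made for illustration.

```python
import io
import os
import zipfile

MAX_BYTES = 100 * 1024 * 1024   # "less than 100 MB"; binary megabytes is an assumption
MAX_ZIP_FILES = 10              # "maximum of 10 files compressed within it"
# Extensions copied from the supported file types table, lower-cased.
SUPPORTED = set("""
.doc .docx .docm .potx .potm .rtf .xls .xlsx .xlsm .xlsb .ppt .pptm .pptx .pps
.ppsx .ppsm .ppam .odt .ods .odp .csv .js .py .ps1 .bat .vbs .hta .sh .vba .vbe
.vb .reg .python .exe .dll .msi .jar .lnk .elf .zip .cab .7z .rar .tgz .gz
.lzma .xar .gzip .html .xml .swf .htm .url .eml .msg .pdf .txt .chm .fpx .asf
.hwp .apk
""".split())


def preflight(name, data, limit=MAX_BYTES):
    """Return (errors, notes) for one candidate upload held in memory."""
    errors, notes = [], []
    ext = os.path.splitext(name)[1].lower()
    if ext not in SUPPORTED:
        errors.append(f"unsupported file type {ext or '(none)'}")
    if len(data) >= limit:
        errors.append(f"size {len(data)} bytes is not below the {limit}-byte limit")
    if ext == ".zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                files = [m for m in archive.infolist() if not m.is_dir()]
        except zipfile.BadZipFile:
            errors.append("not a readable ZIP archive")
            return errors, notes
        if len(files) > MAX_ZIP_FILES:
            errors.append(f"ZIP holds {len(files)} files, limit is {MAX_ZIP_FILES}")
        # Bit 0 of the general-purpose flags marks an encrypted member.
        if any(m.flag_bits & 0x1 for m in files):
            notes.append("password-protected ZIP: enter the password at upload")
    return errors, notes


def sample_zip(count):
    """Constructed sample input: a ZIP holding `count` small text files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for i in range(count):
            archive.writestr(f"sample_{i}.txt", "constructed test content")
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in (("ok.zip", sample_zip(3)), ("big.zip", sample_zip(11))):
        print(label, preflight(label, blob))
```

An empty errors list means the file fits the documented limits; a note about password protection is a reminder for step 3 of the upload procedure, not a rejection.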

To upload and submit the file for analysis, follow these steps:

  1. Log in to the Seqrite Malware Analysis Platform and click Analyze File on the left pane.
  2. On the Analyze File page, navigate to Upload File for Analysis and click Browse.
  3. Select the file that you want to submit for analysis.

    Note: To analyze a password‑protected ZIP file, you must provide the file’s password when uploading it.

  4. Select the Stage: Preliminary Analysis, Detonation or Manual Analysis.
  5. Select any predefined source from the Source list or select Others.
  6. Select Restricted Access. You can restrict file access to users other than admin, if the file is of a sensitive nature.
  7. Select the Priority: High, Medium or Low, depending upon how fast you want to analyze the file.
  8. Add Comments for reference and click Analyze.
  9. Once the file is submitted for analysis, the progress and status are displayed in the list along with the submission timestamp.

  10. Click View to view the analysis of the submitted file. See Analysis Report for more information.

File Analysis Report (Upload History)

Seqrite Malware Analysis Platform displays the upload history for submitted files. It gives detailed information about the uploaded files and helps to determine whether they are malicious. You can filter the details by Stage, Status, Verdict and Upload Period.

Stage

You can filter the history table by Stage, that is, Preliminary Analysis, Detonation, or Manual Analysis.

Status

You can filter the history table by Status. The status of an uploaded file can be one of the following:

Sr. No. | Status | Description
1 | All | To view all the uploaded files.
2 | In queue | Waiting to be processed.
3 | Failed | Analysis has failed.
4 | In Progress | File analysis in progress.
5 | Complete | Analysis is completed on time.

The history table displays the status of the files being analyzed along with the following details:

  • File Name
  • Parent File Name
  • Submitted On
  • Uploaded By
  • Stage
  • Status: In Progress, In Queue, Completed
  • Verdict
  • You can view the report for the uploaded file by clicking View.

Verdict

You can filter the history table by Verdict, such as Clean, Malware, Ransomware, or Suspicious.

Upload Period

The details of the uploaded files can be viewed for the following intervals:

  • 1 Day
  • 7 Days
  • 1 Month
  • 3 Months

Share Intel with Seqrite Threat Intel

After analysis, if SMAP identifies a file as malicious or ransomware, you can share it as intel (IoC) with Seqrite Threat Intel (STI) through the SMAP – STI integration.

Note: Share Intel is available only for users who have subscribed to Seqrite Threat Intel.
To share a file as intel, follow these steps:

  1. On the Analyze File page, scroll down to File Analysis Reports.
  2. Choose a file you want to share as intel and click.
  3. Click Proceed to Share.
    You will be redirected to the Submissions By Users section of the Seqrite Threat Intel page to submit this intel and the corresponding details.

Add New Intel

  1. Enter the Incident Basic Details (Title, Incident Date, Intel Category and Description), and click Add IOC Manually.
  2. Enter the IOC details (IOC Type, IOC Classification, IOC Value, Severity, Device Type/Source, Adversary Name, Adversary Type, Tag), and click Add.
  3. If you want to review the intel before submission, click Save; otherwise, click Submit.