Obtaining Artifact Details
To view the details of an artifact in the library, follow these steps:
Click on the name of the artifact, in the Name column, whose details the user wishes to obtain, or click on the icon in the Actions column.
A window with the details of the selected file will be displayed.
The information presented in this window is described below:
Name: This is the name given to the artifact.
Size: Shows the size of the file in Kb.
Type: File type. Example: executable.
Platform: Shows the operating system on which the artifact can be used.
Created: Refers to the date on which the artifact was loaded onto the Platform.
MD5: Hash associated with the artifact.
MITRE Attack: These are the MITRE ATT&CK tactics that the sample uses.
Callback: Shows "True" if the artifact can send a callback to the remote EVE server, and "false" if it does not send a callback. For more information see the
Force Network CyberSecurity: "True" is shown if the artifact is encrypted, and "false" if it is not.
VT / MITRE Link: A link to VT or MITRE ATT&CK.
PDF: If the artifact has an attached document with more extensive information about the sample, it can be found in this section and, if necessary, it can be added through the edit option.
Description: Displays information on the type of malware the artifact is and on its malicious, suspicious, and informative behaviors.
Test status of the artifact: Shows, with color indicators, whether the artifact has been tested, using the labels Untested, PartiallyTested and Tested.
Challenge Level: Severity of each threat shown when loading the sample into the library. An icon of the same color as the text is displayed showing the threat level.
: allows the user to download the PDF report associated with the file, if one exists.
: allows the user to download the selected sample.
: allows the user to remove the sample from the library.
Behavior Activities: Presents the indicators of the sample.