Kaspersky information system Contains and displays reputation information for files and URL addresses.
Click Create prevention rule to prevent the file from running.
Click Download to download the file to your computer's hard drive.
The file is downloaded in the form of a ZIP archive encrypted with the password "infected". The name of the file inside the archive is replaced by the file's MD5 hash. The file extension of file inside the archive is not displayed.
File size in kilobytes.
MD5—MD5 hash of a file.
Clicking the link with MD5 opens a list in which you can select one of the following actions:
Find on TIP.
Find events.
Find alerts.
Create prevention rule.
Copy value to clipboard.
SHA256—SHA256 hash of a file.
Clicking the SHA256 link opens a list in which you can select one of the following actions:
Find on TIP.
Find on virustotal.com.
Find events.
Find alerts.
Create prevention rule.
Copy value to clipboard.
Sender email—Email address from which the message containing the file was sent.
Recipient email—One or more email addresses to which the message containing the file was sent.
Original sender email—Source email address from which the message containing the file was sent.
This field is populated with data from the 'Received' header.
Original recipient email—Source email address(es) to which the message containing the file was sent.
This field is populated with data from the 'Received' header.
Subject—Message subject.
Sender server IP —IP address of the first mail server in the message delivery chain.
Clicking the Sender server IP link with opens a list in which you can select one of the following actions:
Find events.
Find alerts.
Copy value to clipboard.
Headers—Extended set of email message headers. For example, it can contain information about email addresses of the message sender and recipients, about mail servers that relayed the message, and the type of content in the email message.