File Analysis allows you to upload an executable file into an environment where it is placed in a queue to be executed and analyzed automatically. The results are then made available to all FireAMP users. The File Analysis page also allows you to search for the SHA-256 of an executable file to find out if the file has already been analyzed. If the file has been analyzed, then the analysis report is available and can be viewed by any user.
Upload a File for Analysis
1. Navigate to the File Analysis page. Click on Analysis menu and then select File Analysis.
2. On the File Analysis page, you can provide the SHA-256 or the name of the file that you want to be analyzed.
3. If an analysis exists for the entered SHA-256, you will be able to see the analysis status and report.
4. If the file was not analyzed before, you can submit your file for analysis. In order to upload a file, click on Submit file for analysis button, browse the file you want to upload, and click the Upload button.
View a Report on File Analysis
After a file is uploaded, it takes approximately 30 to 60 minutes for the analysis to be completed, depending on file type and sandbox load.
You can view a report for Completed analysis by clicking on the Report button.
When a file analysis is in progress, you will be able to see the In Progress status as below. Once the analysis is complete, the Report button becomes available.
Supported Files for File Analysis
The File Analysis sandbox supports the following applications:
- Microsoft EXE
- MS Office files