Views:

Submit samples for analysis in a secure virtual environment.

Sandbox Analysis manages and analyzes objects submitted to the sandbox by integrated products and users.
The following table outlines the actions available on the Sandbox Analysis screen.
Action
Description
Submit objects for analysis
Click Submit Object to manually submit an object for analysis in the sandbox.
Configuring the submission settings
Set the daily reserve, view the usage guide and submission usage details, and configure global settings that affect all submissions by clicking the Submission Settings button (gear_icon=fc9a51ad-35af-4fe3-92c6-5e41b2dfc5d9.png).
View the Sandbox Analysis Report
Click Sandbox_Analysis_Report_icon=GUID-20231212104040.png to view the Sandbox Analysis Report for a submitted object.
Note
Note
On the Sandbox Analysis Report screen, click Download PDF to download the Sandbox Analysis Report in PDF format.
Create a High-Risk Submissions Report
 Click the Manage Reports drop-down menu and select High-Risk Submissions to create a High-Risk Submissions Report.
Filter submitted object data
Use the search field and drop-down menus to locate specific submitted object data.
  • Object: The name of the object
  • Submitter: The product or method that submitted the object to the sandbox
  • Submitted: The date and time the object was submitted to the sandbox
  • SHA-1: The SHA-1 hash value of the object
  • Risk level: The risk level assigned to the object by the sandbox
  • Threat type: The threat type as detected by the sandbox
  • Threat name: The name of the threat as detected by the sandbox
  • Submission ID: The unique ID of a submission
Note
Note
Partial matching applies to Object, Threat type, and Threat name.
Exact matching applies to SHA-1 and Submission ID.
Refresh the table
Click refresh=5bd75452-c2fb-43ed-90e6-7b552fdc5dd2.png in the upper-right corner to refresh the table.
View object details
Click any object name to display the Object Details panel.
Take additional actions
Click the options button (options=ddb0b67f-0654-4aa5-8bc7-48ec554c5448.png) to select additional actions on the submitted object.
Important
Important
Downloading and re-analyzing file objects requires granting Trend Micro permission to save submitted files.
  • Add to Intelligence Reports (add_to_intelligence_reports=GUID-20230222174444.png): Adds the object to Intelligence Reports and runs an auto sweep
  • View on Threat Connect (sandbox_analysis_threat_connect=GUID-5F89C25F-5693-4A7F-9844-10B64A9672A8=1=en-us=Low.png): Displays information about the object on Trend Micro Threat Connect
    Trend Micro Threat Connect enables you to identify and investigate potential threats to your environment by correlating suspicious objects detected in your environment with threat data from the Trend Micro Smart Protection Network.
  • Download Investigation Package (investigation_package=224e6f30-a8c9-45e3-b664-8be5ed1e05da.png): Downloads the Investigation Package of submitted objects with high, medium, and low risk levels
  • Download file object (download_file_obj=bdb00930-9206-4d5b-baf0-2b4cb39043bf.png): Downloads the submitted file object to your computer
    WARNING
    WARNING
    Downloading suspicious samples may potentially harm your endpoint. Ensure that you take the necessary precautions before continuing.
  • Re-analyze (re-analyze=7d0b0a7b-0fa8-46a9-80a2-8b23a5d2b4c8.png): Submits the file or URL back to the Virtual Analyzer for further analysis
    Important
    Important
    Re-analysis of objects counts toward the daily reserve.
  • Delete submission (trash_icon=GUID-47cf6867-6315-438e-8670-86ff36f22a28.png): Deletes the previous analysis results and any associated files from Sandbox Analysis
Related information