Cisco Cisco Email Security Appliance C170 사용자 가이드

Wed Sep 28 11:31:58 2016 Info: File uploaded for analysis. SHA256: 

e7ae35a8227b380ca761c0317e814e4aaa3d04f362c6b913300117241800f0ea 

Wed Sep 28 11:36:58 2016 Info: File Analysis is running for SHA: 

e7ae35a8227b380ca761c0317e814e4aaa3d04f362c6b913300117241800f0ea 

Fri Oct 7 07:39:13 2016 Info: File Analysis complete. SHA256: 

16454aff5082c2e9df43f3e3b9cdba3c6ae1766416e548c30a971786db570bfc, Submit Timestamp: 

1475825466, Update Timestamp: 1475825953, Disposition: 3 Score: 100, run_id: 194926004 

Details: Analysis is completed for the File 

SHA256[16454aff5082c2e9df43f3e3b9cdba3c6ae1766416e548c30a971786db570bfc] 

Spyname:[W32.16454AFF50-100.SBX.TG]

The file reputation disposition values are:

MALICIOUS

CLEAN

FILE UNKNOWN 

- When the reputation score is zero.

VERDICT UNKNOWN

 - When the disposition is 

FILE UNKNOWN

 and score is 

non-zero.

The name of the malware threat. 

The reputation score assigned to the file by the file reputation server.

If the file disposition is 

, the appliance adjusts the file 

reputation verdict based on the reputation score and the threshold value.

The upload action value recommended by the file reputation server to take on 
the given file: 

0

 - Need not send for upload 

1

 - Send file for upload.

The appliance uploads the file when the upload action value is 
‘1.’

2

 - Do not send file for upload 

3

 - Send only metadata for upload

The SHA-256 hash identifier for the corresponding file.

The date and time at which the file is uploaded to the file analysis server by 
the appliance. 

The date and time at which the file analysis for the file is complete 

The file reputation disposition values are.

1 

- No malware detected

2 

- Clean

3 

- Malware