Manual Valkyrie Analysis Results
The 'Valkyrie analysis results' tab will be available only if the administrator has opted to submit unknown files to Valkyrie for in-depth analysis. Refer to the sections 'Scanning Computers' and 'Analyzing Files with Valkyrie' for more details about scanning endpoints and about Valkyrie.
To view the Valkyrie scan results, click the 'Valkyrie analysis results' tab.
Sorting
option
- Click on a column header to sort the results in ascending/descending order
|
Valkyrie Analysis Results - Table of Column Descriptions |
|
|---|---|
|
Column Header |
Description |
|
Name |
The name of the file. The icon beside a file indicates a malware file. |
|
Size |
The size of the analyzed file. |
|
Verdict |
The result of Valkyrie analysis of a file. Indicates if the file is a malware or safe. |
|
Status |
The file has been successfully analyzed by Valkyrie. |
|
White Listed |
Indicates whether the file has been whitelisted after the manual review. Even if a program is marked as whitelisted, it will be detected again during the next scan but shown as whitelisted. |
To view Valkyrie results manually:
The 'Valkyrie' website at https://valkyrie.comodo.com provides detailed results for the scans that are run and includes the following options:
- Submit the files for manual analysis
- View detailed information about each file
- Download the result for each in PDF format
- View detailed information about each detected file from VirusTotal.com website
You will be navigated to the Valkyrie website login page at https://valkyrie.comodo.com
- If you do not have an account, click the 'Create an account' link, provide the required details and sign up for an account, which is free.
- If you already have an Valkyrie account, enter the credentials and click the 'Sign In' button.
The 'Dashboard' page will be displayed by default.
You can navigate to different pages of the website by clicking your account name on the top right side of the page.
- My Dashboard - Provides details of each file that was submitted to Valkyrie for analysis, including its SHA1 signature, submitted date and more. Refer to the section 'Dashboard' for more details.
- My Stats - Provides the summary of files analyzed by Valkyrie for your account. Refer to the section 'Valkyrie Usage Statistics' for more details.
- Activity Logs - Provides the Valkyrie account usage details such as date and time of login, the source IP of the computer used to login and more. Refer to the section 'Activity Logs' for more details.
- My APT Scans - The scan start and end date, number of files scanned, queried files, uploaded files, cleaned files and malware files and the actions that can be performed for each scan information.
- Unparalleled Protection – Provides statistics with monthly details of total number of malware files that were not detected by previous vendor and AV industry.
- Weekly Unknown Stats – Provides graphical representation of Malware and unknown files.
- Settings - This option displays the details of the user and portal.
- Log Out - Allows you to log out of your account.
Dashboard
The 'Dashboard' page of Valkyrie displays the details of analysis for the files submitted. From this page, you can view the download auto analysis report, view details of static analysis, view details of dynamic analysis and more.
-
Click 'My Dashboard'
The details of each analyzed file will be displayed in the table. The number of items to be displayed on each page can be selected from the 'Show entries' option on the left.
The summary of analysis requests and results are displayed at the top of the table.
Sort and search options
Sorting the entries
- You can sort the items in ascending/descending order by clicking on the column headers.
Searching for particular item(s)
- Enter the details partially or fully in the search field on the top right side. You can search for items based on all columns except the 'Actions' column.
- To display all the entries again, clear the search field.
|
Valkyrie Detailed Analysis Results - Table of Column Descriptions |
|
|---|---|
|
Column Header |
Description |
|
File Name |
The name of the submitted file. |
|
Path |
The IP of the endpoint and the file's path details. |
|
SHA1 |
The SHA1 hash value of the file. |
|
Last Activity |
The date and time the last activity of analysis was performed. |
|
Final Verdict |
The Valkyrie dynamic and static analysis results for the file. The results available are:
|
|
Human Expert Verdict |
The results of the file after Human expert analysis: Clean - File is safe to run
|
|
Human Expert Analysis Status |
Indicates the status of files submitted for Human Expert analysis. The statuses are:
|
|
Request Type |
Indicates the method by which Valkyrie analysis is requested. There are two methods: Queried – The |
|
Actions |
The available actions are: - View Info - You can view the complete details of the results for the file such as summary, static analysis, dynamic analysis and file details. Refer to 'File Analysis Results' for more details. - Download Automatic Analysis Report - Allows you to download the report in PDF format. Refer to 'Download Automatic Analysis Report' for more details. - View Virus Total Result - Takes you to the Virus Total website that displays its results for the file. Refer to 'View Virus Total Results for the File' for more details. - Send to Manual Analysis - Allows you to submit the file for manual analysis by Comodo technicians. Refer to 'Send the File for Manual Analysis' for more details. |
- Click the 'View Info' icon under the 'Actions' column for a file to view its detailed results
A new web page will open displaying the detailed results for the file.
- Click the 'Summary' tab
Summary - The top section shows file details such as name, file type, and more. At the top right, the 'Valkyrie Final Verdict' is displayed. The details under 'Analysis Summary' displays the summary of the file analysis such as signature based detected, static analysis overall verdict and dynamic overall verdict for the file.
- To view the detailed results of static analysis of the file, click the 'Static Analysis' tab
Static Analysis - Static process
includes analyzing the file's binary properties extracted from it
such as its sections, entropy , packer type and many more. Any
deviation from the expected values in these features provides the
clue about the nature of the file.
Scroll down the page to view static
analysis overall verdict for the file as well as detailed result for
each of the parameter checked for the file.
- To view the detailed results of dynamic analysis of the file, click the 'Dynamic Analysis' tab
Dynamic Analysis - The dynamic process includes the run-time behavior of the file in an test environment. The page provides the dynamic analysis overall verdict and behavioral information for the file. Scroll down the page to view the detailed behavioral information for the file.
- To view the more details about the file, click the 'File Details' tab
File Details - Provides additional file information such as the file path on the client machine, PE headers, PE sections and more. Scroll down the page to view the details file information.
Download Automatic Analysis Report
- Click the 'Download Automatic Analysis Report' icon under the 'Actions' column for a file to download the report in PDF format
A new web page will open displaying the detailed results for the file.
The report contains the compiled results of the automatic analysis explained in the File Analysis Results section. Scroll down the page to view the full report and save it.
View Virus Total Results for the File
Virus Total, a subsidiary of Google, is a information aggregation website and one of its function is to aggregate output data of different antivirus engines, website scanners and so on. Valkyrie allows to get the details of the file from this website.
- Click the 'View Virus Total Results' icon under the 'Actions' column for a file to view the Virus Total analysis results for the file
The 'Virus Total' web page for the selected file will be displayed with its results.
Scroll down the page to view the results for the file from different antivirus engines.
Send the File for Manual Analysis
You can also send a file for manual analysis by Comodo malware specialists for more comprehensive inspection in addition to the automated process. This is premium service and users should subscribe for the same.
- Click the 'Send to Manual Analysis' icon under the 'Actions' column to submit a file for manual analysis by Comodo engineers
A confirmation dialog will be displayed.
- Click 'OK' to confirm
After the file is submitted for manual analysis, it will show as 'In Queue' under the 'Status' column and 'Unknown' under 'Manual Verdict'. The 'Send to Manual Analysis' icon also will not be available indicating the file is already submitted.
The 'My Valkyrie Usage Statistics' page of Valkyrie displays how many files are submitted for your account and displays the details for:
- Today - Details of files submitted today
- This Week - Details of files submitted for this week
- This Month - Details of files submitted for month
- All Time - Total number of files submitted since account creation
To view your Valkyrie account usage statistics, click the 'My Stats' link.
The usage statistics page will be displayed.
|
My Valkyrie Usage Statistics - Table of Column Descriptions |
|
|---|---|
|
Column Header |
Description |
|
Date |
Indicates the period of usage. |
|
Total Files |
Number of files submitted for the period. |
|
Clean |
Number of files found to be clean. |
|
Malware |
Number of files found to be malware files submitted. |
|
Undetected |
Indicates the number of files in which no threat was found. |
|
Automatic Analysis |
Number of files submitted for automatic analysis. |
|
Human Expert Analysis |
Number of files submitted for manual analysis. |
|
Basic Info Reg. |
Indicates the number of times the user has used Valkyrie REST API named fvs_basic_info, requesting basic analysis results from Valkyrie database such as if the file is uploaded before, verdict of last analysis, last analysis date, first analysis date, is the file whitelisted and so on. |
|
Full Info Req. |
This is same as Basic Info Req. but requested for greater detail. Indicates the number of times the user has used REST API named fvs_full_info, which is used to retrieve last analysis results from Valkyrie database in greater detail such as static, dynamic and manual results including behavioral and file information. |
|
UI Get Info Req. |
Indicates the number of times the user opened the detailed analysis results page from the Dashboard screen by pressing the button or doing a search by SHA1 of a file. |
The 'Activity Logs' page provides the records of activities carried out in the Valkyrie account such as the activity date, user name, activity type and more.
To view your Valkyrie Activity Logs, click the 'Activity Logs' link
The activity logs page will be displayed. The number of logs to be displayed on each page can be selected from the 'Show entries' option on the left.
Sort and search options
Sorting the entries
- You can sort the items in ascending/descending order by clicking on the column headers.
Searching for particular item(s)
- Enter the details partially or fully in the search field on the top right side. You can search for logs based on all the columns.
- To display all the logs again, clear the search field.
|
Activity Logs - Table of Column Descriptions |
|
|---|---|
|
Column Header |
Description |
|
Activity Date |
The date and time of using the Valkyrie account for a particular activity type. |
|
User Name |
The logged user name for the account. |
|
|
The email id of the Valkyrie account. |
|
Activity Type |
The name of the activity that was recorded. |
|
Source IP |
The IP of the computer from which the Valkyrie account was logged in and used. |
|
API Key |
The private key of the user to use REST API. |
|
SHA1 |
If a file is the subject of activity then its SHA1 hash details will be displayed here. |