Fortinet white logo
Fortinet white logo

Administration Guide

Malware Package

Malware Package

Go to Scan Policy and Object > Malware Package, to view the Malware Package list.

The following options are available:

Refresh

Refresh the Malware Package list.

View

Select a package version number and click the View button from the toolbar. The following information is shown:

  • Job Detail: View the file's detailed information. If the unit is joining a global threat information sharing network, only local detection has the Job Detail button available.
  • Mark the detection as False Positive: If marked, the entry will be removed from future Malware Packages. If the unit is joining a global threat information sharing network, the change is also reported to the Collector and is shared by all units in the network.
  • Detected: The time and date that the item was detected.
  • Checksum: The file checksum (SHA256).
  • Rating: The risk rating.
  • Serial Number: From which unit the threat information is from.
  • Global/Local: If this threat information is from a local unit or from another unit.

Download SHA256

Download SHA1

Download MD5

You have the option to download packages containing malware SHA256, SHA1, and MD5.

This page displays the following:

Version

The malware package release version.

Release Time

The malware package release time.

Total

The total number of malware antivirus signatures inside the package. The maximum number of signatures is 100K.

By default, FortiSandbox only keeps malware packages generated in last 3 days.

Malware Package

Malware Package

Go to Scan Policy and Object > Malware Package, to view the Malware Package list.

The following options are available:

Refresh

Refresh the Malware Package list.

View

Select a package version number and click the View button from the toolbar. The following information is shown:

  • Job Detail: View the file's detailed information. If the unit is joining a global threat information sharing network, only local detection has the Job Detail button available.
  • Mark the detection as False Positive: If marked, the entry will be removed from future Malware Packages. If the unit is joining a global threat information sharing network, the change is also reported to the Collector and is shared by all units in the network.
  • Detected: The time and date that the item was detected.
  • Checksum: The file checksum (SHA256).
  • Rating: The risk rating.
  • Serial Number: From which unit the threat information is from.
  • Global/Local: If this threat information is from a local unit or from another unit.

Download SHA256

Download SHA1

Download MD5

You have the option to download packages containing malware SHA256, SHA1, and MD5.

This page displays the following:

Version

The malware package release version.

Release Time

The malware package release time.

Total

The total number of malware antivirus signatures inside the package. The maximum number of signatures is 100K.

By default, FortiSandbox only keeps malware packages generated in last 3 days.