Original Malware Status

    Glasswall has partnered with ReversingLabs by integrating their cutting edge File Reputation technology into Glasswall Halo.

    ReversingLabs runs the hash for each file through its file reputation database and classifies how malicious it's likely to be.

    If this feature is enabled for users, they will see a section displaying the Original malware status of files in the Halo portal's Reporting page.

    The different malware statuses are described here:

    | Original malware status | Description |
    | --- | --- |
    | Malicious | These original files were confirmed as malicious by ReversingLabs before Glasswall processed them. |
    | Suspicious | These original files were considered to be suspicious by ReversingLabs before Glasswall processed them. They may be considered malicious or likely good over time, when more information changes their threat profile. |
    | Likely good | These original files were found in the file reputation database and were considered to be benign by ReversingLabs. |
    | Not recognized | These original files weren't found in the file reputation database by ReversingLabs. This usually means that they're files that have only circulated internally, or they haven't circulated enough to appear in the file reputation database. |
    | Unavailable | The malware status of these original files is unavailable. This can happen for a few reasons, including exceeding the license limit of file reputation requests, API failure, or credential failure. |

    Severity of malicious files

    Original files that have been confirmed as malicious by ReversingLabs each receive a threat severity score of 1-5.

    • High (5-4)
      • Highest severity of malicious file threat levels, designated for malware like different types of Trojans.
    • Medium (3-2)
      • Medium severity of malicious file threat levels, designated for malware like first stage exploits.
    • Low (1)
      • Lowest severity of malicious file threat levels, designated for malware like adware or potentially unwanted applications (PUA).

    Learn more about ReversingLabs and their file reputation technology

