Linux Artifacts

Linux artifacts are artifacts that WildFire associates with samples after analyzing the samples in a Linux analysis environment.
Artifact Type
Search with this Artifact Type to Find...
Linux Suspicious Behavior
Suspicious behaviors found in the Linux sample file.
Linux Functions
Functions contained within the Linux sample file.
Linux Commands
Commands contained in the Linux sample file.
Linux File Paths
File paths contained within the Linux sample file.
Linux IP Address
IP addresses contained within the Linux sample file.
Linux Domains
Domains contained within the Linux sample file.
Linux URLs
URLs embedded into Linux sample file.
Linux Command Action
Command actions embedded into Linux sample file.
Linux File Activity
Files that showed activity as a result of the sample being executed in the WildFire analysis environment. Artifacts listed for each file activity include the parent process that showed activity, the action the parent process performed, and the file that was altered (created, modified, duplicated, or deleted).
Linux Suspicious Action
An action that the Linux file performed with it was executed in the WildFire analysis environment that may be an indicator of compromise.

Related Documentation