Malware Analysis Patterns offer insight as to why Malware Analysis reached its conclusions. For each entry, a Risk Score and Pattern appear. The Risk Score is a number between 1 and 10, where 1 represents a relatively benign activity; 10 represents a very suspicious activity. For example, the following image shows a sample in which an autorun entry was set up in the Temp folder. This entry has a Risk Score a 7 because it's a suspicious action for a program.
Malware Analysis Observed Activity Summary
The Malware Analysis observed Activity Summary lists the changes that the sample made to the computer when it is analyzed. For example, the following shows a sample that created and wrote to a new file system.exe in the temp folder.
Malware Analysis Events
Malware Analysis Events shows detailed information about the individual behaviors that the sample performed. Click Description to view even more details about the behavior. The following example shows a behavior from a program that created a run key entry. The entry automatically launches the recently-created system.exe program when a user logs on to Windows.