01-07-2021 01:10 AM - edited 01-07-2021 05:51 AM
Hello,
I received this mail from AMP
Hello xx xx, The following file you requested failed to upload: File name: wetransfer-3f49fc.zip Original file name: Unknown File size: 49.8 MB File SHA-256: eaf93b2240bc1eebda1248a294c135426eb58912a79182f09f4259c334b49805 Hostname: xx.xx.xx
Also I have several failed attempts for analysis
Any ideas why?
How could I find the cause?
Regards,
Konstantinos
01-07-2021 05:53 AM
It is not unusual. Internet sites are common sources for malware, the files are downloaded by the brower into a cache/temporary directory and become unavailable to upload/analysis later when the cache is flushed.
Regards,
Celso
01-07-2021 06:07 AM
Hello @ckuwajima
I believe this is not the case.
The files are in a file server. The scan finds them but cannot fetch them for analysis.
Their size is less than 50 MB
So i cannot understand what is happening.
01-08-2021 04:04 AM
Hello @kostasthedelegate,
there can be several circumstances to generate such a message. First of all, the connector uploads files to the AMP cloud, if the file is requested from there. This means, the final decision for file upload is done by the cloud. Your file is a ZIP file and also already very close to the file limit.
Connector Limits:
After a file is uploaded to the AMP cloud, the cloud itself forwards the file to TG cloud. The analysis failed information comes from Threat Grid cloud. If you do not have a full license for TG, you may open a TAC case to clarify.
Greetings,
Thorsten
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide