The Deep analysis feature executes a file in a secure, fully instrumented cloud environment. Deep analysis results show the file's activities, observed behaviors, and associated artifacts, such as dropped files, registry modifications, and communication with IPs. Deep analysis currently supports extensive analysis of portable executable (PE) files (including .exe and .dll files). The Deep analysis summary includes a list of observed behaviors, some of which can indicate malicious activity, and observables, including contacted IPs and files created on the disk. If nothing was found, these sections will simply display a brief message.
Deep analysis feature in Microsoft Defender ATP Print
Created by: Shekhar Rathour
Modified on: Sun, 9 Aug, 2020 at 5:53 PM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.