Loading...

Knowledge Center


Advanced Threat Defense sandbox does not open URL samples when you enable Logic Path
Technical Articles ID:   KB89310
Last Modified:  1/18/2019

Environment

McAfee Advanced Threat Defense (ATD)

Problem

You create a VM profile and then configure an analyzer profile with the Logic Path Graph and Full Logic Path options enabled.

When you submit a URL sample to this VM using the analyzer profile, you expect ATD to scan the web object and then generate a logic path for it. But inside the sandbox, you see that there is no browser screen opened for the URL, and ATD generates a GML file that contains no graph.

Solution

This behavior is expected. Full Logic Path works only for PE files, not for URL samples.

When analyzing a URL sample, ensure that you select an analyzer profile that does not have the Full Logic Path option enabled.

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.