notenuf
Level 7

How the Artemis works?

Explain to me why, when I send a suspicious file for review in McAfee Lab, and the file is recognized as a "Generic.TRA" and I receive an Extra.dat, it is not added to "Artemis" detection? It would be so easy and so fast! How does Artemis work?

0 Kudos
1 Solution

Accepted Solutions
SamSwift
Level 12

Re: How the Artemis works?

Not all files would trigger an Artemis lookup; we need to see certain suspicious criteria occurring before the lookup is done. Generic.tra is a different beast: it's an MD5-based driver for the specific file you submitted. That doesn't necessarily mean that detection would automatically be added to Artemis, although in many cases this does happen.

HTH

Sam

0 Kudos
7 Replies
exbrit
Level 21

Re: How the Artemis works?

I moved this to Artemis Discussion so one of their staff will notice it and hopefully help you. Posting the Artemis number might help.

Message was edited by: Ex_Brit on 14/08/11 12:00:30 EDT PM
0 Kudos
hemantk
Level 12

Re: How the Artemis works?

Hello notenuf.

Please go through the link below; this will help you.

https://kc.mcafee.com/content/tutorials/artemis/vse_rc_kb53732_enabling_artemis.htm

You can also refer to the attached doc for more details.

Message was edited by: hemantk on 8/16/11 4:19:54 AM CDT
nchattop
Level 12

Re: How the Artemis works?

Hi

Please refer to our KB article for more info: https://kc.mcafee.com/corporate/index?page=content&id=KB53735

Basically, Artemis looks for any suspicious files and detects them as Artemis!xxxxx; it could be an accurate detection or a false one too. If you come across one, please send us the sample.

http://www.av-comparatives.org/seiten/ergebnisse/mcafee_artemis.pdf

thanks

Neha C

McAfee SME

0 Kudos
notenuf
Level 7

Re: How the Artemis works?

Try not to read only the title, do not waste your time on useless "answers"... Did I write that Artemis is not working? I mean that Artemis works strangely and illogically.

0 Kudos
notenuf
Level 7

Re: How the Artemis works?

I think that Artemis is exactly a particular MD5 file; it turns out that the Artemis lookup is based on certain criteria, heuristic technology? Then what kind of criteria? Can you tell me more about this?

0 Kudos
pammirab
Level 11

Re: How the Artemis works?

Hello,

McAfee Artemis is considered a file reputation, which is part of our GTI, or Global Threat Intelligence. Once customers have the McAfee Artemis Technology enabled on their endpoint products, Artemis is responsible for sending fingerprints of the files to the cloud, which also receives data from other vectors, like Web, Email and Network.

Once the fingerprints are submitted to the cloud, they are compared with the existing database in the cloud as well as analyzed based on their characteristics, MD5, by our threat research team dedicated solely to GTI, etc. After that, we correlate data from all threat vectors. The GTI cloud, after matching the incoming streams with known or suspected threats, returns to the supported products a unique perspective on what is happening at each touch point.

Best Regards,

Patty

0 Kudos