We are currently working through a migration piece and have noticed a high number of items detected. For example: Troj/Phish-TL, Troj/Phish-CLO & Troj/DocDI-JOO to name but a few. When clicking on the link like the one below I have noticed it does not provide that much information;
Is there another site\location that is known that I would be able to get a bit more information on what the Trojan is, what it does etc?
Thanks in advance
Could you please confirm if you are managing the endpoint via central or Enterprise console? If you have received an alert about the detection of a particular Trojan Malware, threat analysis may already be logged in Sophos Central. You can view detailed information on the Threat case analysis page on the central dashboard. Furthermore, you can submit a sample to Sophos labs for more analysis and details.
in what way would this bit more information help? Please note that it's no only infeasible to write down the details for every detection, it would also be necessary to revise the details when detections are consolidated. Furthermore a threat's (potential) behaviour might depend on the environment or even chance.
Thank you for your reply.
Currently we are using Enterprise Console 5.5.1.
Will look to send a sample.