Malicious file indicators

The Malicious File Indicator feeds provide continuous streams of newly detected malware samples, AV scan results, and classification changes from the Spectra Intelligence system.

Common Use Cases

Get newly detected malware

Malware detection feed (TCF-0101) - Continuous list of samples with at least one AV detection.
Malware detection feed (platform-filtered) (TCF-0102-0106) - Malware detections filtered by platform (Windows, Android, macOS, etc.).

Track all scanned files

New files (first scan) (TCF-0107) - Files scanned for the first time in the system.
New files (first and rescan) (TCF-0108) - All files scanned or rescanned.

Monitor classification changes

Files with detection changes (TCF-0109) - Files showing detection changes between AV scans.
Malware presence change events feed (TCF-0111) - New malicious samples, false positives, and threat name changes.

All Malicious File Indicator Feeds

📄️ Malware detection feed (TCF-0101)

Spectra Intelligence TCF-0101 provides continuous list of new samples with AV detection present

📄️ Malware detection feed (platform-filtered) (TCF-0102-0106)

Spectra Intelligence TCF-0102-0106 provides malware detections filtered by platform (Windows, Android, macOS)

📄️ New files (first scan) (TCF-0107)

Spectra Intelligence TCF-0107 provides continuous list of file hashes scanned for the first time

📄️ New files (first and rescan) (TCF-0108)

Spectra Intelligence TCF-0108 provides continuous list of files scanned or rescanned in the system

📄️ Files with detection changes (TCF-0109)

Spectra Intelligence TCF-0109 tracks files showing detection changes between multi-AV scan reports

📄️ Malware presence change events feed (TCF-0111)

Spectra Intelligence TCF-0111 tracks new malicious samples, false positives, and threat name changes

Common Use Cases​

Get newly detected malware​

Track all scanned files​

Monitor classification changes​

All Malicious File Indicator Feeds​