binary object NXQL (classic)

A binary is an executable binary file identified by its hash code.

Name	Type	Operating systems	Properties
application_category	string	Windows \| macOS	SE
	Indicates the category of the application: '-': Not yet tagged; Unknown: Not categorized by Nexthink Library.
application_company	string	Windows \| macOS
	Application company
application_name	string	Windows \| macOS
	Application name
architecture	enum	Windows \| macOS
	Executable architecture (32/64 bit)
average_cpu_usage	permill	Windows
	Average CPU usage for the binary
average_memory_usage	byte	Windows	NU
	Average memory usage for the binary
average_number_of_graphical_handles	integer	Windows	NU
	Average number of graphical handles (GDI)
company	string	Windows \| macOS
	Executable company
database_usage	permill	Windows \| macOS
	Percentage of the database used by information related with the binary.
description	string	Windows
	Description as it appears in the binary file.
executable_name	string	Windows \| macOS
	Executable name
file_size	byte	Windows \| macOS
	Binary file size
first_seen	datetime	Windows \| macOS	NU
	First time activity of the binary was recorded on any device.
hash	md5	Windows \| macOS
	Hash code of the binary (MD5)
id	identifier	Windows \| macOS
	Unique binary identifier
last_seen	datetime	Windows \| macOS	NU
	Last time activity of the binary was recorded on any device.
paths	path	Windows \| macOS
	List of paths of the binary
platform	enum	Windows \| macOS
	The platform (operating system family) on which the binary is running.
sha1	sha1	Windows \| macOS
	SHA-1 hash code of the binary
sha256	sha256	Windows \| macOS
	SHA-256 hash code of the binary
storage_policy	enum	Windows \| macOS
	Event storage policy for the binary (connection and execution, execution-only or none)
threat_level	enum	Windows \| macOS	SE
	Indicates the threat level of the binary: '-': Not yet tagged; none detected: No known threat; low: low threat; intermediate: Intermediate threat; high: high threat.
total_active_days	day	Windows \| macOS
	Total number of days the binary was active.
user_interface	boolean	Windows
	Application has interactive user interface
version	version	Windows \| macOS
	Version of the binary

Name

Type

Operating systems

Properties

application_category

string

Windows | macOS

Indicates the category of the application:

'-': Not yet tagged;
Unknown: Not categorized by Nexthink Library.

application_company

string

Windows | macOS

Application company

application_name

string

Windows | macOS

Application name

architecture

enum

Windows | macOS

Executable architecture (32/64 bit)

average_cpu_usage

permill

Windows

Average CPU usage for the binary

average_memory_usage

byte

Windows

Average memory usage for the binary

average_number_of_graphical_handles

integer

Windows

Average number of graphical handles (GDI)

company

string

Windows | macOS

Executable company

database_usage

permill

Windows | macOS

Percentage of the database used by information related with the binary.

description

string

Windows

Description as it appears in the binary file.

executable_name

string

Windows | macOS

Executable name

file_size

byte

Windows | macOS

Binary file size

first_seen

datetime

Windows | macOS

First time activity of the binary was recorded on any device.

hash

md5

Windows | macOS

Hash code of the binary (MD5)

identifier

Windows | macOS

Unique binary identifier

last_seen

datetime

Windows | macOS

Last time activity of the binary was recorded on any device.

paths

path

Windows | macOS

List of paths of the binary

platform

enum

Windows | macOS

The platform (operating system family) on which the binary is running.

sha1

Windows | macOS

SHA-1 hash code of the binary

sha256

Windows | macOS

SHA-256 hash code of the binary

storage_policy

enum

Windows | macOS

Event storage policy for the binary (connection and execution, execution-only or none)

threat_level

enum

Windows | macOS

Indicates the threat level of the binary:

'-': Not yet tagged;
none detected: No known threat;
low: low threat;
intermediate: Intermediate threat;
high: high threat.

total_active_days

day

Windows | macOS

Total number of days the binary was active.

user_interface

boolean

Windows

Application has interactive user interface

version

Windows | macOS

Version of the binary

Last updated 16 days ago