diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java
index 06e5fb7fcd3cca27be8700b73864020cef16a51c..0374fd2b2b474570d851c4aece56da29e66a55a4 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/CTCloudHttpClient.java
@@ -67,7 +67,7 @@
 /**
  * Makes the http requests to CT cloud.
  */
-public class CTCloudHttpClient {
+class CTCloudHttpClient {
 
     private static final CTCloudHttpClient instance = new CTCloudHttpClient();
     private static final Logger LOGGER = Logger.getLogger(CTCloudHttpClient.class.getName());
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java
index 9587b3cd44dbf4984aac10a9b5639661e5f4a883..8290d6621d0e05f1e6cf12c24c5813539dc837b3 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/Constants.java
@@ -23,7 +23,7 @@
 /**
  * Constants regarding connections to cyber triage cloud.
  */
-final public class Constants {
+final class Constants {
 
     public static final String CYBER_TRIAGE = "CyberTriage";
 
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java
index f710a6ab1bb1641d4f890a70de926e93647bc021..cbd538d01b073ab2016d79ac115b5e9dcc266726 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctapi/ProxySettings.java
@@ -32,7 +32,7 @@
  * Taken from https://raw.githubusercontent.com/apache/netbeans/master/platform/o.n.core/src/org/netbeans/core/ProxySettings.java
  * @author Jiri Rechtacek
  */
-public class ProxySettings {
+class ProxySettings {
     
     public static final String PROXY_HTTP_HOST = "proxyHttpHost";   // NOI18N
     public static final String PROXY_HTTP_PORT = "proxyHttpPort";   // NOI18N
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java
index 608ea6304006f80b9a14299975a12140e2cf7d6c..3bff998901d0fc071686150e58c3eedf4c8d57df 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicenseDialog.java
@@ -27,7 +27,7 @@
 /**
  * License dialog
  */
-public class CTLicenseDialog extends javax.swing.JDialog {
+class CTLicenseDialog extends javax.swing.JDialog {
 
     private static final Pattern LICENSE_PATTERN = Pattern.compile("^\\s*[a-zA-Z0-9\\-]+?\\s*$");
     private String licenseString = null;
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java
index e95d9e72795c57d1a37d206fc19864681ada9b3e..717c4f4321348b6cb7a55c98dcb0245a7bddc95a 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/CTLicensePersistence.java
@@ -26,7 +26,6 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import java.io.File;
 import java.io.IOException;
-import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.util.Optional;
 import java.util.logging.Level;
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java
index 31056e1f2a982412340a782755ffe77e98c5fdce..0279cafb9b70e5a4b25c9b0df972334e239ddf93 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/ctoptions/ctcloud/EULADialog.java
@@ -36,7 +36,7 @@
 /**
  * Dialog for displaying the Cyber Triage EULA before the license is saved.
  */
-public class EULADialog extends javax.swing.JDialog {
+class EULADialog extends javax.swing.JDialog {
 
     private static final Logger LOGGER = Logger.getLogger(EULADialog.class.getName());
     private static final String EULA_RESOURCE = "EULA.htm";
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java
index eab025a6416569645480ca93437cc353a22ed467..a65d319dc219b5bc5410bde84fe96846618c3dcd 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/BatchProcessor.java
@@ -21,14 +21,10 @@
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.ExecutionException;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
 import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
 import java.util.function.Consumer;
 
 /**
@@ -36,7 +32,7 @@
  * blocks (and subsequently add and flush operations) until previous batch
  * finishes.
  */
-public class BatchProcessor<T> {
+class BatchProcessor<T> {
 
     private ExecutorService processingExecutorService = Executors.newSingleThreadExecutor();
 
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java
deleted file mode 100644
index 4803793514303fa43f64704d7fb5f25194368db6..0000000000000000000000000000000000000000
--- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/FileUpload.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Autopsy Forensic Browser
- *
- * Copyright 2023 Basis Technology Corp.
- * Contact: carrier <at> sleuthkit <dot> org
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.basistech.df.cybertriage.autopsy.malwarescan;
-
-import com.basistech.df.cybertriage.autopsy.ctapi.CTApiDAO;
-import com.basistech.df.cybertriage.autopsy.ctapi.CTCloudException;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.AuthTokenResponse;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.AuthenticatedRequestData;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.CTCloudBean;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.DecryptedLicenseResponse;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.MalwareResultBean.Status;
-import com.basistech.df.cybertriage.autopsy.ctapi.json.MetadataUploadRequest;
-import org.apache.commons.lang3.StringUtils;
-import org.sleuthkit.datamodel.AbstractFile;
-import org.sleuthkit.datamodel.ReadContentInputStream;
-import org.sleuthkit.datamodel.SleuthkitCase;
-import org.sleuthkit.datamodel.TskCoreException;
-
-/**
- * Handles uploading of files that are unknown.
- */
-public class FileUpload {
-    private static final long MIN_UPLOAD_SIZE = 1;
-    private static final long MAX_UPLOAD_SIZE = 1_000_000_000;
-
-    private final CTApiDAO ctApiDAO = CTApiDAO.getInstance();
-
-    private boolean isUnknown(CTCloudBean cloudBean) {
-        return cloudBean != null
-                && cloudBean.getMalwareResult() != null
-                && cloudBean.getMalwareResult().getStatus() == Status.NOT_FOUND;
-    }
-
-    private boolean isUploadable(AbstractFile af) {
-        long size = af.getSize();
-        return size >= MIN_UPLOAD_SIZE && size <= MAX_UPLOAD_SIZE;
-    }
-
-    private boolean upload(SleuthkitCase skCase, DecryptedLicenseResponse decrypted, CTCloudBean cloudBean, long objId) throws CTCloudException, TskCoreException {
-        if (!isUnknown(cloudBean)) {
-            return false;
-        } 
-        
-        AbstractFile af = skCase.getAbstractFileById(objId);
-                if (af == null) {
-            return false;
-        }
-                
-        if (!isUploadable(af)) {
-            return false;
-        }
-        
-        // get auth token / file upload url
-        AuthTokenResponse authTokenResponse = ctApiDAO.getAuthToken(decrypted, true);
-        if (StringUtils.isBlank(authTokenResponse.getFileUploadUrl())) {
-            throw new CTCloudException(CTCloudException.ErrorCode.NETWORK_ERROR);
-        }
-
-        // upload bytes
-        ReadContentInputStream fileInputStream = new ReadContentInputStream(af);
-        ctApiDAO.uploadFile(authTokenResponse.getFileUploadUrl(), af.getName(), fileInputStream);
-
-        // upload metadata
-        MetadataUploadRequest metaRequest = new MetadataUploadRequest()
-                .setCreatedDate(af.getCrtime())
-                .setFilePath(af.getUniquePath())
-                .setFileSizeBytes(af.getSize())
-                .setFileUploadUrl(authTokenResponse.getFileUploadUrl())
-                .setMd5(af.getMd5Hash())
-                .setSha1(af.getSha1Hash())
-                .setSha256(af.getSha256Hash());
-
-        ctApiDAO.uploadMeta(new AuthenticatedRequestData(decrypted, authTokenResponse), metaRequest);
-        return true;
-    }
-
-}
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
index f15236cd1d0a19d4a689b777a66784e392b321cd..2d73effa5c4d901b04a397a19f8b3fbd80201ac6 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
@@ -69,7 +69,7 @@
 /**
  * Uses CT cloud API to determine if file is malware
  */
-public class MalwareScanIngestModule implements FileIngestModule {
+class MalwareScanIngestModule implements FileIngestModule {
 
     private static final SharedProcessing sharedProcessing = new SharedProcessing();
 
diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java
index 2b00ece4ab43db397d307602ff1cf7b3ef20c6ae..75261ae43f5a05560ffa4eecc23c10bcd4ffe8b6 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/UsernameAnonymizer.java
@@ -33,7 +33,7 @@
  * Utility class to anonymize username in paths also anonymizes hostname / ip
  * from UNC paths
  */
-public class UsernameAnonymizer {
+class UsernameAnonymizer {
 
     private static final Logger LOGGER = Logger.getLogger(UsernameAnonymizer.class.getName());