[What does the file do when extracted or executed?] Static Analysis Hashes: MD5: [Insert MD5] SHA-256: [Insert SHA-256]
[e.g., This archive contains a known Trojan variant.] xsxsxax.rar
Document any DNS queries, C2 (Command & Control) IP addresses, or data exfiltration attempts. [What does the file do when extracted or executed
Describe the process tree after extraction. Does it launch a downloader? Does it attempt to achieve persistence? C2 (Command & Control) IP addresses
[e.g., Quarantining the file, blocking specific IPs, or rotating credentials.]
Note the creation date, original filenames, and any comments embedded in the archive. Dynamic Analysis
[What does the file do when extracted or executed?] Static Analysis Hashes: MD5: [Insert MD5] SHA-256: [Insert SHA-256]
[e.g., This archive contains a known Trojan variant.]
Document any DNS queries, C2 (Command & Control) IP addresses, or data exfiltration attempts.
Describe the process tree after extraction. Does it launch a downloader? Does it attempt to achieve persistence?
[e.g., Quarantining the file, blocking specific IPs, or rotating credentials.]
Note the creation date, original filenames, and any comments embedded in the archive. Dynamic Analysis