[What does the file do when extracted or executed?]
Static Analysis
Hashes: MD5: [Insert MD5] SHA-256: [Insert SHA-256]
Describe the process tree after extraction. Does it launch a downloader? Does it attempt to achieve persistence?
xsxsxax.rar
Document any DNS queries, C2 (Command & Control) IP addresses, or data exfiltration attempts.
List files created in \AppData\ or \Temp\, and any modifications to the Windows Registry.
Conclusion & Remediation
List the files found inside the .rar (e.g., .exe, .ps1, .txt).