Record the MD5 , SHA-1 , and SHA-256 hashes to uniquely identify the file.

Does it attempt to connect to a Command and Control (C2) server? Look for suspicious IP addresses or DNS requests.

Check for creation dates, original filenames, and any digital signatures.

However, if you are analyzing this file as part of a or digital forensics exercise, a standard write-up should include the following core sections: 1. Executive Summary File Name: Victoria Bravo.rar File Type: RAR Compressed Archive Threat Level: (e.g., High, Moderate, Low)

List the files inside the RAR. Look for common malicious extensions like .exe , .vbs , .js , or double extensions like .pdf.exe . 3. Dynamic (Behavioral) Analysis

Details of what happens when the file is opened in a controlled sandbox:

Note if it creates "persistence" by adding itself to the Windows Registry startup keys or moving files to C:\Users\...\AppData . 4. Indicators of Compromise (IOCs)

Victoria Bravo.rar -

Record the MD5 , SHA-1 , and SHA-256 hashes to uniquely identify the file.

Does it attempt to connect to a Command and Control (C2) server? Look for suspicious IP addresses or DNS requests. Victoria Bravo.rar

Check for creation dates, original filenames, and any digital signatures. Record the MD5 , SHA-1 , and SHA-256

However, if you are analyzing this file as part of a or digital forensics exercise, a standard write-up should include the following core sections: 1. Executive Summary File Name: Victoria Bravo.rar File Type: RAR Compressed Archive Threat Level: (e.g., High, Moderate, Low) Check for creation dates, original filenames, and any

List the files inside the RAR. Look for common malicious extensions like .exe , .vbs , .js , or double extensions like .pdf.exe . 3. Dynamic (Behavioral) Analysis

Details of what happens when the file is opened in a controlled sandbox:

Note if it creates "persistence" by adding itself to the Windows Registry startup keys or moving files to C:\Users\...\AppData . 4. Indicators of Compromise (IOCs)