List the files inside the RAR. Look for common malicious extensions like .exe , .vbs , .js , or double extensions like .pdf.exe . 3. Dynamic (Behavioral) Analysis
Record the MD5 , SHA-1 , and SHA-256 hashes to uniquely identify the file. Victoria Bravo.rar
This section covers information about the file without actually executing it: List the files inside the RAR
Details of what happens when the file is opened in a controlled sandbox: Victoria Bravo.rar
A brief overview of what the file is intended to do (e.g., credential theft, downloader, or harmless training file). 2. Static Analysis
Does it attempt to connect to a Command and Control (C2) server? Look for suspicious IP addresses or DNS requests.
Advice on updating antivirus signatures or blocking .rar attachments in email gateways.