: (You must calculate these using tools like CertUtil -hashfile or sha256sum ) MD5 : [Insert MD5] SHA-256 : [Insert SHA-256]
Summarize the "who, what, when, where, and how" of the incident. IP_Leandro_Set5.rar
: Briefly state the purpose of the analysis (e.g., investigating a simulated data breach). : (You must calculate these using tools like
: Highlight the most critical evidence found (e.g., specific malware, exfiltrated files, or unauthorized logins). 2. Evidence Information File Name : IP_Leandro_Set5.rar a Registry Run key).
: Identifying downloads or external communications. Prefetch/LNK Files : Proving specific applications were run. 4. Detailed Findings
: If a malicious file was found, describe its location and how it maintained persistence (e.g., a Registry Run key).