File Identification
MD5
{{content.Identification['MD5']}}
SHA1
{{content.Identification['SHA1']}}
SHA256
{{content.Identification['SHA256']}}
impash
{{content.Identification['impash']|| "-"}}
ssdeep
{{content.Identification['ssdeep']|| "-"}}
pehash
{{content.Identification['pehash']|| "-"}}
Operating System
{{content.Identification['OperatingSystem']}}
PE Type
{{content.Identification['PEType']}}
Magic literal
{{content.Magic}}
MimeType
{{content.Mimetype}}
File Metadata (Exiftool)
{{k}}
{{v}}
PE Basic Information
{{I.Info}}
{{I.Value}}
Compilation Timestamp
{{content.PE.BasicInformation.CompilationTimestamp}}
File Size
{{content.PE.BasicInformation.FileSize}}
Entry Point (EP)
{{content.PE.BasicInformation.EntryPoint}}
Target Machine
{{content.PE.BasicInformation.TargetMachine}}
PE Sections
Section SizeOfRawData Entroy
{{section.entryname}} {{section.SizeOfRawData}} {{section.Entropy}}
MD5
{{section.MD5}}
SHA1
{{section.SHA1}}
SHA256
{{section.SHA256}}
PE Import Address Table
{{entry.entryname}}
{{entry.symbols.length}} items
{{sym}}
Olevba Report

Summary

Olevba version:
v{{content.MSOffice.olevba.Version}}
Olevba detection :
{{content.MSOffice.olevba.vba}}
Olevba scanner :
Not suspicious Suspicious VBA   Base64 strings   Hex strings Not suspicious

Detailed Information

OLE stream: {{stream['OLE stream']}}

Information
VBA filename:
{{stream['VBA filename']}}
Filename:
{{stream['Filename']}}
Olevba analysis
Type Keyword Description
{{result.type}} {{result.keyword}} {{result.description}}
Show code Hide code
                                      {{stream['VBA code']}}
                                    
Analysis failure
{{content.MSOffice.olevba.Error}}
PDFiD Report

Summary

PDFiD version:
v{{content.PDF.pdfid[0].pdfid.version}}
Suspicious:
{{content.PDF.pdfid[0].suspicious}}
PDFiD detection :
/RichMedia   /OpenAction   /JavaScript   /Launch   /ObjStm  
{{(artifact.data || artifact.attachment.name) | fang}}
{{content.errorMessage}}