36 lines
1.7 KiB
Markdown
36 lines
1.7 KiB
Markdown
## Attachment
|
||
|
||
You can compute the value of the file to conduct file-based reputation checks and further your analysis. As shown below, you can use the sha256sum tool/utility to calculate the file's hash value.
|
||
|
||
**Note:** Remember to navigate to the file's location before attempting to calculate the file's hash value.
|
||
|
||
```shell-session
|
||
user@ubuntu$ sha256sum file.something
|
||
0827bb9a....
|
||
```
|
||
|
||
|
||
|
||
Once you get the sum of the file, you can go for further analysis using the **VirusTotal**.
|
||
|
||
- Tool: `https://www.virustotal.com/gui/home/upload`
|
||
|
||
Now, visit the tool website and use the `SEARCH` option to conduct hash-based file reputation analysis. After receiving the results, you will have multiple sections to discover more about the hash and associated file. Sections are shown below.
|
||
|
||
|
||
|
||
- Search the hash value
|
||
- Click on the `BEHAVIOR` tab.
|
||
- Analyse the details.
|
||
|
||
After that, continue on reputation check on **InQuest** to enrich the gathered data.
|
||
|
||
- **Tool:** `https://labs.inquest.net/`
|
||
|
||
Now visit the tool website and use the `INDICATOR LOOKUP` option to conduct hash-based analysis.
|
||
|
||
- Search the hash value
|
||
- Click on the SHA256 hash value highlighted with yellow to view the detailed report.
|
||
- Analyse the file details.
|
||
|
||
 |