MALICIOUS
62
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The primary finding is that the ZIP archive contains a malicious member, identified by its SHA256 hash. This suggests a multi-stage infection chain where the archive is used to deliver the actual malicious payload. The archive exceeded its entry limit, indicating a potentially large or complex structure designed to evade analysis.
Heuristics 2
-
Archive contains malicious member critical ARCHIVE_CHILD_MALICIOUSAt least one extracted archive member was classified as malicious. The archive is a transport wrapper for that payload.
-
Archive entry limit reached (50) info ARCHIVE_LIMITOnly the first 50 files were scanned.
Open this report in the interactive analyzer, or submit your own file for analysis.