Attachment

You can compute the value of the file to conduct file-based reputation checks and further your analysis. As shown below, you can use the sha256sum tool/utility to calculate the file's hash value. 

Note: Remember to navigate to the file's location before attempting to calculate the file's hash value.

user@ubuntu$ sha256sum file.something
0827bb9a.... 

Once you get the sum of the file, you can go for further analysis using the VirusTotal.

• Tool: https://www.virustotal.com/gui/home/upload

Now, visit the tool website and use the SEARCH option to conduct hash-based file reputation analysis. After receiving the results, you will have multiple sections to discover more about the hash and associated file. Sections are shown below.

• Search the hash value
• Click on the BEHAVIOR tab.
• Analyse the details.

After that, continue on reputation check on InQuest to enrich the gathered data.

• Tool: https://labs.inquest.net/

Now visit the tool website and use the INDICATOR LOOKUP option to conduct hash-based analysis.

• Search the hash value
• Click on the SHA256 hash value highlighted with yellow to view the detailed report.
• Analyse the file details.