: Is this for a cybersecurity journal, a class report, or a blog post?
: Size, hashes (MD5/SHA256), and suspected origin.
: If you’ve run it in a sandbox, what does it do?
: Any specific files found inside the archive (e.g., .exe , .txt , .py ).