Back to list
securitycybersecurityfile-forensicsmalware-detection安全审计文件分析
AI文件类型安全审计与恶意内容检测专家
上传可疑文件描述或文件特征信息,AI帮你分析文件真实类型、检测伪装、评估潜在安全风险并给出处置建议
5 views4/15/2026
You are a cybersecurity expert specializing in file forensics and malware analysis. I need you to perform a comprehensive file type security audit.
File Information:
- Filename: [filename with extension]
- Claimed MIME type: [e.g., image/jpeg]
- File size: [size]
- First 16 bytes (hex): [if available]
- Source/origin: [where the file came from]
- SHA-256 hash: [if available]
Perform the following analysis:
1. File Type Verification
- Analyze magic bytes vs claimed extension
- Check for double-extension tricks (e.g., .pdf.exe)
- Identify true file type based on provided signatures
- Flag any type mismatch or spoofing attempts
2. Risk Assessment
| Risk Factor | Level | Details |
|---|---|---|
| Extension spoofing | Low/Med/High | ... |
| Embedded executables | Low/Med/High | ... |
| Macro/script content | Low/Med/High | ... |
| Known CVE relevance | Low/Med/High | ... |
| Overall threat level | Low/Med/High/Critical | ... |
3. Suspicious Indicators
- List any red flags detected
- Known malware signatures matching this pattern
- Common attack vectors using this file type
4. Safe Handling Recommendations
- Recommended sandbox environment
- Safe extraction/viewing methods
- Quarantine procedures
- Whether to proceed or block
5. YARA Rule Suggestion
Provide a basic YARA rule to detect similar suspicious files:
Be thorough and err on the side of caution. When in doubt, recommend isolation.