Malforge Report

{{ report.file_metadata.filename }}
{{ report.executive_summary }}
{% if report.risk_score > 60 %}
{% elif report.risk_score > 30 %}
{% else %}
{% endif %} {{ report.risk_score | int }}
Risk Score
{% if report.classification == 'MALICIOUS' %} {{ report.classification }} {% elif report.classification == 'SUSPICIOUS' %} {{ report.classification }} {% else %} {{ report.classification }} {% endif %}
Classification
{{ report.iocs | length }}
IOCs Found
{{ report.attack_mapping | length }}
ATT&CK Techniques
{{ report.heuristic_flags | length }}
Heuristic Flags
{{ report.heuristic_score }}
Heuristic Score

File Metadata

Filename {{ report.file_metadata.filename }}
SHA-256 {{ report.file_metadata.sha256 }}
SHA-1 {{ report.file_metadata.sha1 }}
MD5 {{ report.file_metadata.md5 }}
File Size {{ report.file_metadata.file_size }} bytes
Entropy {{ report.file_metadata.entropy }}
{% if report.pe_analysis and report.pe_analysis.timestamp %}
Compile Timestamp {{ report.pe_analysis.timestamp }}
{% endif %}
{% if report.pe_analysis and report.pe_analysis.entry_point %}
Entry Point {{ report.pe_analysis.entry_point }}
{% endif %}
{% if report.attack_mapping %}

MITRE ATT&CK Mapping

Technique Name Tactic Evidence
{% for m in report.attack_mapping %}
{{ m.technique_id }} {{ m.technique_name }} {{ m.tactic }} {{ m.evidence }}
{% endfor %}
{% endif %} {% if report.heuristic_flags %}

Heuristic Analysis

Flag Severity Description
{% for flag in report.heuristic_flags %}
{{ flag.name }} {{ flag.severity | upper }} {{ flag.description }}
{% endfor %}
{% endif %} {% if report.iocs %}

Indicators of Compromise ({{ report.iocs | length }})

Type Value Confidence
{% for ioc in report.iocs %}
{{ ioc.type }} {{ ioc.value }} {{ (ioc.confidence * 100) | int }}%
{% endfor %}
{% endif %} {% if report.pe_analysis and report.pe_analysis.sections %}

PE Sections

Name Size Entropy Chart
{% for sec in report.pe_analysis.sections %}
{{ sec.name }} {{ sec.raw_size }} {{ sec.entropy }}
{% if sec.entropy > 7.2 %}
{% elif sec.entropy > 5.0 %}
{% else %}
{% endif %}
{% endfor %}
{% if report.pe_analysis.imports %}

Imports

{% for imp in report.pe_analysis.imports %}
{{ imp.dll }} ({{ imp.functions | length }} functions)
{% for f in imp.functions %}{{ f }} {% endfor %}
{% endfor %}
{% endif %}
{% endif %}
{% if report.detection_rules.yara %}

YARA Rule {% if report.detection_rules.yara_validated %} Validated [PASS] {% endif %}

{{ report.detection_rules.yara }}
{% endif %} {% if report.detection_rules.sigma %}

Sigma Rule

{{ report.detection_rules.sigma }}
{% endif %}
{% if report.strings.suspicious %}

Suspicious Strings

{{ report.strings.total_count }} total strings extracted, {{ report.strings.suspicious | length }} flagged as suspicious.

Show all suspicious strings ({{ report.strings.suspicious | length }})
{% for s in report.strings.suspicious %}{{ s }} {% endfor %}
{% endif %}