Exam 200-201 | Question id=6023 | Host-based analysis
Refer to the exhibit.
An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?
A. The file has an embedded executable and was matched by PEiD threat signatures for further analysis.
B. The file has an embedded non-Windows executable but no suspicious features are identified.
C. The file has an embedded Windows 32 executable and the Yara field lists suspicious features for further analysis.
D. The file was matched by PEiD threat signatures but no suspicious features are identified since the signature list is up to date.