2026-06-02T04:24:34
evidence_intake
evidence.bin
{
"action": "evidence_intake",
"evidence_sha256": "8c72e930d666da162b9b5b54162724c252deddf7f28c37df7ad887b35dc28603",
"hash": "d59c4a0b4472d0bf7ecb3f9e9900d4824124ac5bc4069f08007c6700372db855",
"metadata": {
"filename": "evidence.bin",
"md5": "90fb7db72be720cb16b161b29bcaf248",
"note": "workflow test",
"remote_addr": "172.21.0.3",
"sha1": "4be8717aaad2c69ac854259cf78d7e40c598499d",
"size": 2048,
"user_agent": "python-requests/2.34.0"
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:24:34.066517"
}
2026-06-02T04:24:33
volatility_analysis
mem.dmp
{
"action": "volatility_analysis",
"evidence_sha256": "2b72a84e8b3cf3b49219e6ec5d2465c1bd7bad9db258d1bc70002eb3630f1d80",
"hash": "82f3902e5a3fcba165713058599f3348f28d819d97a94fd8a970a4b45b1da374",
"metadata": {
"filename": "mem.dmp",
"plugins": [
"windows.pslist.PsList"
],
"size": 1008
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:24:33.607606"
}
2026-06-02T04:24:32
report_generated
{
"action": "report_generated",
"evidence_sha256": "0000000000000000000000000000000000000000000000000000000000000000",
"hash": "8edcb05573bff90876c7a83152e20858c98c79581a5719db97e46f5a44beab2d",
"metadata": {
"case_id": 1,
"case_number": "CASE-WF-1780374261",
"evidence_count": 1,
"findings_count": 1
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:24:32.696438"
}
2026-06-02T04:24:22
evidence_added
mal.exe
{
"action": "evidence_added",
"evidence_sha256": "8c72e930d666da162b9b5b54162724c252deddf7f28c37df7ad887b35dc28603",
"hash": "93b378c129ab839fe5e8d96b2525fe1cc91483b886d33f5344c2dcb9e00ddd04",
"metadata": {
"case_id": 1,
"filename": "mal.exe",
"size": 2048
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:24:22.301706"
}
2026-06-02T04:24:22
case_created
{
"action": "case_created",
"evidence_sha256": "0000000000000000000000000000000000000000000000000000000000000000",
"hash": "4b341e5a826b242cd821ccb29e93acfa5f531ee1886cb0e8bd888c6192996032",
"metadata": {
"case_number": "CASE-WF-1780374261",
"name": "\uc6cc\ud06c\ud50c\ub85c\uc6b0 \ud14c\uc2a4\ud2b8 \uc0ac\uac74"
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:24:22.251615"
}
2026-06-02T04:12:07
ileapp_intake
fz.zip
{
"action": "ileapp_intake",
"evidence_sha256": "c7bb8abafedc4ac7148f3462326228788a22e689c27d57a968f33585bdfe35c5",
"hash": "f84f8a940b65dd2e2d552edaa84f8bf4be63d2bc97503a51f81444edac69c9cc",
"metadata": {
"filename": "fz.zip",
"size": 12
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:12:07.918796"
}
2026-06-02T04:12:07
aleapp_intake
fz.zip
{
"action": "aleapp_intake",
"evidence_sha256": "c7bb8abafedc4ac7148f3462326228788a22e689c27d57a968f33585bdfe35c5",
"hash": "2621599681880671ab5b2134aaa7a64d72c55735a90fc141982cd9cae8084d1b",
"metadata": {
"filename": "fz.zip",
"size": 12
},
"prev_hash": "f610ea747ea04458b95d45651dc6052975a14e54d7c5feb7112db7da3f7f270b",
"timestamp": "2026-06-02T04:12:07.767888"
}
2026-06-02T04:09:04
ileapp_intake
fz.zip
{
"action": "ileapp_intake",
"evidence_sha256": "c7bb8abafedc4ac7148f3462326228788a22e689c27d57a968f33585bdfe35c5",
"hash": "f610ea747ea04458b95d45651dc6052975a14e54d7c5feb7112db7da3f7f270b",
"metadata": {
"filename": "fz.zip",
"size": 12
},
"prev_hash": "400a392f5985656299612df0e9ea3d152978dd1a7d9fe93d681668e90484bce3",
"timestamp": "2026-06-02T04:09:04.827845"
}
2026-06-02T04:09:04
aleapp_intake
fz.zip
{
"action": "aleapp_intake",
"evidence_sha256": "c7bb8abafedc4ac7148f3462326228788a22e689c27d57a968f33585bdfe35c5",
"hash": "400a392f5985656299612df0e9ea3d152978dd1a7d9fe93d681668e90484bce3",
"metadata": {
"filename": "fz.zip",
"size": 12
},
"prev_hash": "0000000000000000000000000000000000000000000000000000000000000000",
"timestamp": "2026-06-02T04:09:04.687065"
}