General

  • Target

    07ee44f9fa9188be620b38bd4494fd6c_JaffaCakes118

  • Size

    83KB

  • Sample

    240429-sbce5sdg3t

  • MD5

    07ee44f9fa9188be620b38bd4494fd6c

  • SHA1

    b079fbd5595c53ff4b8aee51aaece7792fb2eef6

  • SHA256

    fa22225bbaa33be9c57bf5bc3588b3e5dd4a6bcd531eb10fdf28ae5dc7c950f6

  • SHA512

    f86324391f3d32f7dde4d65bc70cfc1a260ae0b48dfa992bef94b604f775af0d0ed949245e8e6aff3163b788df0719f33502f0c9c0f49357d3360a95faa91db5

  • SSDEEP

    1536:SptJlmrJpmxlRw99NBk+aHJU4rTDUdUNAMeWT:Ote2dw99fb4r3UdqAMe

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs (exe.dropper)

    http://blog.bctianfu.cn/4
    http://mail.vcacademy.lk/5nLo
    http://lamemoria.in/2ib2Pt
    http://tropicalislandrealtyofflorida.com/NNqM7W
    http://businessarbitr.ru/E

Targets


    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • An obfuscated cmd.exe command-line is typically used to evade detection.
