Extracted

• • Target

    2ed422fb4a023af73c40611052c5dedc_JaffaCakes118

  • Size

    167KB

  • MD5

    2ed422fb4a023af73c40611052c5dedc

  • SHA1

    d16936fefffd9db05d009149b4ad31dacdbc7359

  • SHA256

    5728aa05ef3551aa19530c31280bb3ea3c1e3a5002a0d7ff73c0defedf6d5f13

  • SHA512

    298c3acbc0481a276dec0c7a6dbdc34e572b056658fc202a4361b5b1de81abecd704982603f0ebca426f63570ee5e054df872525005272764bba5ff89200e330

  • SSDEEP

    3072:ExjnB29gb8onvGflgQjDic88w065Zh69txcqYtl7vtWQAO:Exy6Qj7Hw065Z4x3Yb71W

  Score

  10^/10

  execution

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Start PowerShell.

    execution
  behavioral1behavioral2