Extracted

• • Target

    ee7b3e658278e4d4a780e5dcea37cfdc_JaffaCakes118

  • Size

    77KB

  • MD5

    ee7b3e658278e4d4a780e5dcea37cfdc

  • SHA1

    6ae05523d9333400cc8ac0892da32b99354b294d

  • SHA256

    32295c7c8473f48ea5e32dc2013f71af234bb6863009d7905d4291a295fed9b8

  • SHA512

    af90f7acd8ca3e8fe4ad689164f1ef0f0321b1743bcf872370b23076a90cff13302887811be18ace415dab07de18a26f19dfb7a2af7c649e5222851058779292

  • SSDEEP

    1536:+ptJlmrJpmxlRw99NB++akPVbFuZ5RmBy:Ste2dw99f1qZ

  Score

  10^/10

  discoveryexecution

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Using powershell.exe command.

    execution

  • An obfuscated cmd.exe command-line is typically used to evade detection.

  behavioral1behavioral2