Category FILE
Started On 2016-08-22 13:30:10.707029
Completed On 2016-08-22 13:32:50.776311
Duration 160 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-08-22 13:30:11
Shutdown On 2016-08-22 13:32:49

File Details

File name 56fc16705c2810d5d63ef5a73bb1cfd7cdf5bb9b.exe
File size 17313936 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 4D73D3D0
MD5 8a8a47b068a4ba08de2eba49e68e2296
SHA1 56fc16705c2810d5d63ef5a73bb1cfd7cdf5bb9b
SHA256 d302198c591f05f03116eec99cc3649d3a5808b8edaa10853dd5b1eb4be85b51
SHA512 926c8566be40136165e58dd1e6995fcb8ad82912693c5ba9e052b0a08ae9bddf996fa45a77de0f6741471aa4ae36baf421cf8c4bc25d3b0f0c1b6aa83cd63ff4
Ssdeep 393216:W/662o7xVSI7ABDIUjDCzD5bTRNs5nQznFuCJGRLV:WC/yxgIkpIUjDCzVbvs5QzFJ6J
PEiD
  • Armadillo v1.71
Yara
  • Str_Win32_Wininet_Library (Match Windows Inet API library declaration)
  • Str_Win32_Internet_API (Match Windows Inet API call)
  • Str_Win32_Http_API (Match Windows Http API call)
VirusTotal Permalink
VirusTotal Scan Date: 2016-07-21 00:48:15
Detection Rate: 1/55

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=6, VT[1471872826]=0): Snort Events=0, AV Events=0
Total Score=75

Signatures

antivm_queries_computername
packer_entropy
persistence_ads
exploit_heapspray

Screenshots

No screenshots available.
