'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2016-08-22 11:43:17.288041 2016-08-22 11:46:26.454498 189 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2016-08-22 11:43:17 2016-08-22 11:46:26

File Details

File name 665614cb16620d0da402a17417a7cb60c1654dda.zip
File size 8557 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 BC36BD5C
MD5 e5c8c879a2d3674f18fb15cab6694104
SHA1 665614cb16620d0da402a17417a7cb60c1654dda
SHA256 1ad4e57698a7be5e8cc6f13808f7a24c3ba28dc501d5a7c85f1c32592fb132c2
SHA512 120ccfaeb5c007bea9a813616fd9d78b0f5ab2884e698ff9a18196d232c1c10be53be66575e09474dc9ddedbb88913f4cfca1f62f25c2f9677a7b3f51e2c4b8d
Ssdeep 192:TN/aHnDSxzFBTLf3FreRSmGbR6d8eXmIzjcULip6eMIE4O62d:R/YSf/riPGVIWIfcUWp6eMIle
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Permalink
VirusTotal Scan Date: 2016-08-22 11:31:27
Detection Rate: 4/56 (Expand)

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1471866421]=100): Snort Events=0, AV Events=184
Total Score=100

CLAMAV DETECTED:
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - export_pdf_ db6dc565~.js: Sanesecurity.Malware.26301.JsHeur.UNOFFICIAL FOUND

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

export_pdf_ db6dc565~.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Processes

registry filesystem process services network synchronization

Nothing to display.

Volatility

Nothing to display.