Category FILE
Started On 2016-08-22 23:50:04.545939
Completed On 2016-08-22 23:53:12.579351
Duration 188 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-08-22 23:50:05
Shutdown On 2016-08-22 23:53:12

File Details

File name f7e9e2b5fad651848ee1a121b39cff8ed017750b.exe
File size 13372153 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 52E01AB7
MD5 7a8854169a2ee6c545d0c4dd20aab7ab
SHA1 f7e9e2b5fad651848ee1a121b39cff8ed017750b
SHA256 2d4a9918e8468ce6d7bc3710e488f2f8b44297c48cac6aa1b07b8c8cdcb77327
SHA512 9df89418efaa424ac9e32d805f10a83c24b607d967b07031737691817e36c275e18c7108edb647963befc74c38d565e156e88dfe4123168f06d8e79cb5b3cd6f
Ssdeep 393216:4b03oF8SKsZU1CQHpQe/J9K4c5k8fyWnE6qU3:Woa8eZwCOJo4YkGEje
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2016-08-20 09:30:48
Detection Rate: 1/55

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1471910183]=0): Snort Events=0, AV Events=0
Total Score=75

Dropped File/Buffer Yara Signatures:
5c0241648cdcc924_crypt32.dll: Str_Win32_Wininet_Library
9c81d11a925b337a_libeay32.dll: Str_Win32_Winsock2_Library
2c903d07cf4d7198_qtcore4.dll: Str_Win32_Winsock2_Library
b5528833164e9e40_converter.exe: Str_Win32_Winsock2_Library
658f58869e1a2cc1_python27.dll: ldpreload
7f12e7b545417d42_qtgui4.dll: GlassesCode
0626588bdd145cf9_qtnetwork4.dll: Str_Win32_Winsock2_Library

Signatures

adware_url_accessed
antivm_queries_computername
locates_browser
dumped_buffer
Roaming_Profile_Modified
Startup_File_Accessed
network_bind
exploit_heapspray

Screenshots

No screenshots available.
