Category FILE
Started On 2016-09-01 02:26:47.327304
Completed On 2016-09-01 02:29:33.967853
Duration 166 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2016-09-01 02:26:47
Shutdown On 2016-09-01 02:29:33

File Details

File name 11105a245d3b840bd43684708daa2840b13dccce.zip
File size 11138 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 10C26505
MD5 250382a932d3b3a665a10443a3d35f2c
SHA1 11105a245d3b840bd43684708daa2840b13dccce
SHA256 5d83aa40849422f81161cee88824ea92bc0011bda233b48ad7453b1b2599b057
SHA512 775bbcfdc4fed59308fd0ff1db7bab62308c367de49c2c6eabf5e5c1d9b53a012503b4c1819cca6a27f42720bd402c8a8dfbebccfdba7655ed141f25be7c2596
Ssdeep 192:y/Za2jLE3dtc0u7hkSeS648a7vbLUMbswVBSzwhd2aTyLjVduSLcDueOgO:y/ZZjLENeXtkSWUvvpVAKdhTyjTLcif
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-08-31 20:55:05
Detection Rate: 7/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1472697007]=100): Snort Events=0, AV Events=1
Total Score=100

CLAMAV DETECTED:
Can't create temporary directory ERROR

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

8D9650DE_flight_tickets.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Processes

Nothing to display.

Volatility

Nothing to display.