Category FILE
Started On 2016-09-01 01:33:26.560351
Completed On 2016-09-01 01:36:21.243355
Duration 174 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2016-09-01 01:33:27
Shutdown On 2016-09-01 01:36:20

File Details

File name a9fd3f5998c04b3c7bd9579d6f3165b7f699e5d9.zip
File size 11017 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 898A7C65
MD5 b4d6a826dc1d3283df12225a20ecc0d2
SHA1 a9fd3f5998c04b3c7bd9579d6f3165b7f699e5d9
SHA256 6302c4f2b4774802b098e4d57033462d79e4fb036da36f12a7e96a4c76dacbc7
SHA512 0fb2a708528e0d1a5fa0dad1bfa4c5e70db5500deb5e25048b5431e12d1e82951d73b167d4ca06a0a2a1428e5d975d636fa72fc56270b7cff92e2387c3a87f38
Ssdeep 192:OqS9aJq6z7GI7jhw4IPZurysDgtUHf8WSHx7Rm6UfPOMKzB2ge4cfIXvP:DvX3jOPZuLD3IxcPOMKzBBe4mIn
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-08-31 20:02:20
Detection Rate: 8/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1472693816]=100): Snort Events=0, AV Events=1
Total Score=100

CLAMAV DETECTED:
Can't create temporary directory ERROR

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

AE0568D5_flight_tickets.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.