Category FILE
Started On 2016-09-16 09:05:01.027481
Completed On 2016-09-16 09:07:47.518894
Duration 166 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-09-16 09:05:01
Shutdown On 2016-09-16 09:07:46

File Details

File name 2efb10c5d2719dc3e06300b3ef0042765df62136.zip
File size 9754 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 8C59E8B6
MD5 a7d0d8a81ed59fee8892babf14063b7f
SHA1 2efb10c5d2719dc3e06300b3ef0042765df62136
SHA256 1dcdef38d638b7ad8a27c60950d6c522f9e503ef83825c35124b2965ebfa6abb
SHA512 1d388342f8a839a9f2b47c57ad4a846f91b36044dfe11757bcc35d6a63779e66f5c53e260e134494726762b75e71d9d83ac120a735da8575ab0d79ce3192ba7f
Ssdeep 192:Hb2TGPRPQgp42A4Hzng1fO5a9kXedzQx0d496:7SsPQgp4V4T2fO5AkuVq6
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Permalink
VirusTotal Scan Date: 2016-09-16 08:38:17
Detection Rate: 3/55

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1474016874]=0): Snort Events=0, AV Events=0
Total Score=2

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

september_2016_details_~0E8544B8~.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.