Category FILE
Started On 2016-09-16 03:53:15.865662
Completed On 2016-09-16 03:55:37.568727
Duration 141 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-09-16 03:53:16
Shutdown On 2016-09-16 03:55:37

File Details

File name 32b6c28322df1c4d8244a20b9639e210291cfe6a.zip
File size 9671 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 72E9B6C5
MD5 ab5bd77fa1b582218ff2aedd4728583c
SHA1 32b6c28322df1c4d8244a20b9639e210291cfe6a
SHA256 85314d09f79f764bfaecebb770cdddd3b2fd20e8edf580c5af20c2977c91f99a
SHA512 7884d1e1158821d92adc8b1848acbeade7a4ded303d05f966cb0e569e014893c687644889d278ae53a7258212a9b955166871435dbc4774419ec8fdc306378a2
Ssdeep 192:yzXCrrmQW/EqrpVQvK5OZnYYd/PNOTw7llB6mKNSi2M6TGc6ZvV/VvMp352:yzXCrBqtAKmYY9NOMpb6bSi6TAdNUpJ2
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-09-16 02:35:04
Detection Rate: 7/53

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1473998142]=100): Snort Events=0, AV Events=0
Total Score=100

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Booking confirmation ~D9F082~.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.