Category FILE
Started On 2016-09-16 05:34:32.352310
Completed On 2016-09-16 05:37:32.850952
Duration 180 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-09-16 05:34:33
Shutdown On 2016-09-16 05:37:32

File Details

File name 78cb2764595d7545cabfe45efba441796a4112fb.zip
File size 9379 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 BD2748B9
MD5 f4337d378b6775dde4c90360257ebaa2
SHA1 78cb2764595d7545cabfe45efba441796a4112fb
SHA256 ddd99193d9488fa317a6382600c5e2864e5c9507dde98e2eda897da96096a347
SHA512 f36d68802781693566f38bed8fa6fbc8baec46c26a9fa4f7fd9bea10d2063f8e13d5c83f0584374c5224ffac1ea61c266170f8bd74228417b53905c09b594728
Ssdeep 192:4+MBhoD6db7z/DM+pTGY+U7aK0jfvM6LoYP+TpGGZPtiLRt46:4lhW6db7z/AY+c3AvM0swGZ1wL46
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal Permalink
VirusTotal Scan Date: 2016-09-16 03:45:08
Detection Rate: 9/55

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1474004256]=100): Snort Events=0, AV Events=0
Total Score=100

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Booking confirmation ~85DDB65~.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.