Category FILE
Started On 2016-09-23 09:15:04.109135
Completed On 2016-09-23 09:17:10.640557
Duration 126 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-09-23 09:15:04
Shutdown On 2016-09-23 09:17:10

File Details

File name 6ea3222fd0d0a6a2059eceab33f4364568a78b17.zip
File size 9671 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 E90741C3
MD5 a241f68e01f5cd2974f4e0bccb341637
SHA1 6ea3222fd0d0a6a2059eceab33f4364568a78b17
SHA256 d577d6526d9daa4f45bea3813d47b11e10902a6bc3a7c986aca3b8150ffd13bd
SHA512 03f0a371118a29116bfa7047adadecc0f6f1f98eb59dd2b6bf61f716feb4d829c7c13be8d3bba2a23c28b431660b02273dfc7f067365405eaeb34ed073dca9ff
Ssdeep 192:wi9TY+dKq8NLkxA5J3/oCi2j70BsnxgKQhAVOIeYVnl:up9sGoCRCsnxgzhcHl
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1474622233]=0): Snort Events=0, AV Events=6
Total Score=25

CLAMAV DETECTED:
Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND
Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - Transactions details scan 8C3E0.js: Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - Transactions details scan 8C3E0.js: Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - Transactions details scan 8C3E0.js: Sanesecurity.Malware.26348.JsHeur.UNOFFICIAL FOUND

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Transactions details scan 8C3E0.js

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Processes

Nothing to display.

Volatility

Nothing to display.