Analysis

Category FILE
Started On 2016-09-30 18:20:05.727647
Completed On 2016-09-30 18:22:30.518436
Duration 144 seconds
Cuckoo Version 2.0-dev

Machine

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-09-30 18:20:06
Shutdown On 2016-09-30 18:22:30

File Details

File name cc5ec611f41598f5fcfd08dc563ab75f30e30f36.exe
File size 10984744 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 EDB0988A
MD5 5b6f65bf922ccfc066150a54d9cc5581
SHA1 cc5ec611f41598f5fcfd08dc563ab75f30e30f36
SHA256 e33ef02d737316a08977cb410f9f046f0adb0464ec5602454bffe0431f56a2bc
SHA512 7aba1985a2c39d59977554c1d2d596e225477cda381325512a2a59a8413c16507859373b211522c55016b033f51ffba0226ac67e8fa4dd9b2c0726d085fcab47
Ssdeep 196608:zIXIUYtXYZszKahl1UtEVc92syDAxnPg3LLWk5CjixT/qYlrMGvBudLGY46t+VPJ:uIxzz3O92sysVQP6ixT/qYrMG+LG96t8
PEiD None matched
Yara None matched
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1475259845]=0): Snort Events=0, AV Events=0
Total Score=75

Dropped File/Buffer Yara Signatures:
1b4303c0cd1d2aa8_bdquar.dll: with_sqlite
e048ddeba820ad0a_bitdefendercom.exe: Str_Win32_Wininet_Library
83a03d6650e48d6f_uus3.dll: Str_Win32_Wininet_Library
6cda21c043cef444_bdupdateservicecom.dll: Str_Win32_Wininet_Library
aab3f06741535786_sqlite3.dll: spyeye
550e01dfda5e71e0_pareto_update3.exe: Str_Win32_Wininet_Library
1072cbf2cf16adbd_regcurepro.exe: Str_Win32_Winsock2_Library
4aecd2a1ec32f10d_bdsmartdb.dll: with_sqlite

Signatures

antivm_queries_computername
locates_browser
antivm_memory_available
dumped_buffer
Roaming_Profile_Modified
Startup_File_Accessed
antisandbox_foregroundwindows
antivm_disk_size
suspicious_process
has_wmi
antivm_network_adapters
antivm_vbox_files
ransomware_files
Windows_Proxy_Tinkering
persistence_ads
antiav_detectfile
antisandbox_idletime
antivm_generic_cpu
persistence_autorun
creates_service
infostealer_im
infostealer_mail
antivm_vbox_files
antivm_firmware

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings