Category FILE
Started On 2016-10-07 12:40:04.648158
Completed On 2016-10-07 12:42:12.008207
Duration 127 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-10-07 12:40:05
Shutdown On 2016-10-07 12:42:11

File Details

File name 36b6dc7fbf25ce53db0cc9c76fd61d74e7d248ab.exe
File size 8243736 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 6A8999F2
MD5 f510b89bf33b2f7a0ec33950254bf20b
SHA1 36b6dc7fbf25ce53db0cc9c76fd61d74e7d248ab
SHA256 cb93f1444d04788d01e78ebb8edc486bdcc357280cc9ad2188d46a49369ef82d
SHA512 8faec1750b8de71cecf1f08c6b359b19adb00b580c7df151999387d57a08113ca1d43f82e122b8c2f5dda2ffa3d1f496befeac890b88c92346b7666ce5633c4a
Ssdeep 196608:T5MGINlmWdeaatZzDUoRLXxPa0N0o6PDsq9XiZ:T5jaStZzDHXM40b7sVZ
PEiD None matched
Yara None matched
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=125, Anomalies=0, PEiD=0, Yara=0, VT[1475844290]=0): Snort Events=0, AV Events=0
Total Score=125

Dropped File/Buffer Yara Signatures:
5233110ed8e95a4a_inetc.dll: Str_Win32_Wininet_Library
412192a2261ed0bd_ccleaner64.exe: Str_Win32_Wininet_Library
934bced969e0f50e_goopdate.dll: Str_Win32_Wininet_Library
d39c9c47075c0bd2_syschk.dll: Str_Win32_Http_API
127c03675c5d6f2f_npGoogleUpdate3.dll: Str_Win32_Wininet_Library
8fbca8477b43ef38_pfUI.dll: Str_Win32_Wininet_Library
f513a2fce15ad1f7_ccleaner.exe: Str_Win32_Wininet_Library

Signatures

antivm_queries_computername
recon_fingerprint
locates_browser
antivm_memory_available
dumped_buffer
Roaming_Profile_Modified
Startup_File_Accessed
Execution_Options_Accessed
infostealer_browser
dropper
antivm_network_adapters
memdump_urls
process_interest
Windows_Proxy_Tinkering
persistence_ads
antidbg_windows
creates_service
recon_programs
modifies_files
banker_zeus_p2p
injection_runpe

Screenshots

No screenshots available.
