Category: FILE
Started On: 2016-10-31 23:50:06.618136
Completed On: 2016-10-31 23:52:15.781333
Duration: 129 seconds
Cuckoo Version: 2.0-dev

Machine: win7cuckoo
Label: win7 Clone 1
Manager: VirtualBox
Started On: 2016-10-31 23:50:07
Shutdown On: 2016-10-31 23:52:15

File Details

File name 02f70c59ca3173cde90ffa8118cd4dd24ad511b8.dll
File size 11445553 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 963E7EC5
MD5 b595386449c207b2a04ba32aa131ce8a
SHA1 02f70c59ca3173cde90ffa8118cd4dd24ad511b8
SHA256 f39efa6886a8db5fba30d13959a2e97048fe162cacf99aed5506b358b5c2e451
SHA512 014353d4f4401179a39cf1b82bdeba58f7ade25817cfc312a10d91e981cd4861ca9a1d6639300e52f2b2b073fed58dc781ec639f9e96fab5243a81085f23ffcd
Ssdeep 196608:AHUZtzoZ0dLCPWF9wZDsRTpM05IIS7oQqmEw8Il2cPbBaNgQzmmiu0MT4VI/MOHH:cUzcebwZoRTpnyhJEw8IbPsNwmVB4sMs
PEiD None matched
Yara None matched
VirusTotal Permalink
VirusTotal Scan Date: 2016-10-15 23:41:12
Detection Rate: 2/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1477957998]=0): Snort Events=0, AV Events=0
Total Score=75

Dropped File/Buffer Yara Signatures:
86bb585cb87139d8_qsqlite4.dll: with_sqlite
f78849775ae067a9_libgcc_s_dw2-1.dll: spyeye
823025f02b355b37df7d7657b0f2b4d3584891a5 [BUFFER]: embedded_pe

Signatures

antivm_queries_computername
recon_fingerprint
antivm_memory_available
dumped_buffer
Startup_File_Accessed
antisandbox_foregroundwindows
antivm_disk_size
creates_service
Startup_Added_to_Registry
persistence_autorun

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings