Category FILE
Started On 2016-10-31 17:47:54.090168
Completed On 2016-10-31 17:48:41.282245
Duration 47 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2016-10-31 17:47:54
Shutdown On 2016-10-31 17:48:40

Errors

File Details

File name jigsaw
File size 290304 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
CRC32 3C351D58
MD5 2773e3dc59472296cb0024ba7715a64e
SHA1 27d99fbca067f478bb91cdbcb92f13a828b00859
SHA256 3ae96f73d805e1d3995253db4d910300d8442ea603737a1428b613061e7f61e7
SHA512 6ef530b209f8ec459cca66dbf2c31ec96c5f7d609f17fa3b877d276968032fbc6132ea4a45ed1450fb6c5d730a7c9349bf4481e28befaea6b119ec0ded842262
Ssdeep 6144:7fukPLPvucHiQQQ4uuy9ApZbZWxcZt+kTfMLJTOAZiYSXjjeqXus:7fu5cCT7yYlWi8kTfMLJTOAZiYSXjyqX
PEiD None matched
Yara None matched
VirusTotal Permalink
VirusTotal Scan Date: 2016-10-27 05:53:05
Detection Rate: 52/57

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=0, VT[1477936125]=100): Snort Events=0, AV Events=1
Total Score=100

CLAMAV DETECTED:
Win.Malware.Jigsaw-1 FOUND

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.