Analysis Details

Category FILE
Started On 2016-10-31 22:40:08.742228
Completed On 2016-10-31 22:42:36.638761
Duration 147 seconds
Cuckoo Version 2.0-dev

Machine Details

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2016-10-31 22:40:13
Shutdown On 2016-10-31 22:42:36

File Details

File name 6c117d1b3bd659cd424d44a9dcad968fdd82364a.exe
File size 5006000 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 1AB8716A
MD5 e5cee081011f4690f52b2d34b61a7e6c
SHA1 6c117d1b3bd659cd424d44a9dcad968fdd82364a
SHA256 6d0ec24235459414abcdafea5fce7b8bba41151c52b23cae4fe55a168610ee37
SHA512 895daf355b23d921a4a80f91811e67a34f201c8f1a317524ad6968bb3ff54f9c34e58156b27bfec9be713de3e7a553b80fbce3905a7577a47974144eba12df22
Ssdeep 98304:kAlWD3mLbbBMoGZnoh/fJodJg11rmNhYXYPzjHzbkK:JU3mdMSJmermNbPzp
PEiD None matched
Yara
  • vmdetect (Possibly employs anti-virtualization techniques)
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=2, VT[1477953785]=0): Snort Events=0, AV Events=0
Total Score=75

Signatures

antivm_queries_computername
locates_browser
antivm_memory_available
Roaming_Profile_Modified
network_bind
antivm_disk_size
antivm_network_adapters
antivm_generic_scsi
recon_programs
antivm_vmware_in_instruction
antiemu_wine
banker_bancos

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings