Category FILE
Started On 2016-11-30 23:44:55.351519
Completed On 2016-11-30 23:47:37.897178
Duration 162 seconds
Cuckoo Version 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2016-11-30 23:44:55 2016-11-30 23:47:37

File Details

File name 2f2b09eebdb46bc95e2a80638e169567177db8d0.zip
File size 3166 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 77B81610
MD5 49c979d3e85594984b3e7a9babd88153
SHA1 2f2b09eebdb46bc95e2a80638e169567177db8d0
SHA256 b896d8f0865a7ceb6da8da84d2d283eb95b013095f477aab96f8009b3459ed3d
SHA512 a8f5143983b15334ff5773cff5e7f7b0ebd40a38b9b05d0092cbd3127a7cfe77de54da128ca820ac80a1880ff60a68e7f9830cafd888539c5c2c925451ea4902
Ssdeep 48:91+SbZvViFL/82G55VZwsZVumPSVlKv5vdXbkHZuu0lDZq3ks8YGT01SF:LbHiFT82GdZV97zXgZMlNw5QY1SF
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-11-30 20:45:04
Detection Rate: 15/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1480549661]=100): Snort Events=0, AV Events=2
Total Score=100

Sanesecurity.Malware.26507.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - -26zcf4753h00f.js: Sanesecurity.Malware.26507.JsHeur.UNOFFICIAL FOUND


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files


Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary



C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.