Category FILE
Started On 2016-11-30 22:47:58.530555
Completed On 2016-11-30 22:50:43.192469
Duration 164 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-11-30 22:47:59
Shutdown On 2016-11-30 22:50:42

File Details

File name 3fdeb139dd0b5e93cc2079b333cda29893cda53e.zip
File size 3172 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 B5F474A3
MD5 f556a594cf704ce4f9973a700b24e5a7
SHA1 3fdeb139dd0b5e93cc2079b333cda29893cda53e
SHA256 6393099561a2e0f37f127c0af164e89ddcc5ea31c02198ee8e850d532a97dcae
SHA512 7a5f24be3f1872c8917f3e86cb5ac948ce485acde085813df5f6733e1596770ebeea76f356323ad6da6215005a28e02d1064c6eb9dbf33f6066115398f715bec
Ssdeep 96:PQ+0uErTSEz7SuqbLtt4ksAgl6pKoOD7WkR4a:ItumFz7SuqbLD4ksN6KHWkR4a
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal Permalink
VirusTotal Scan Date: 2016-11-30 20:32:33
Detection Rate: 14/55

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1480546248]=100): Snort Events=0, AV Events=2
Total Score=100

Sanesecurity.Malware.26507.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - -8o18t64vd555.js: Sanesecurity.Malware.26507.JsHeur.UNOFFICIAL FOUND


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files


Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary



C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.