Category FILE
Started On 2016-12-01 22:25:08.643084
Completed On 2016-12-01 22:25:48.036487
Duration 39 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-12-01 22:25:09
Shutdown On 2016-12-01 22:25:46

Errors

File Details

File name 4a97db8a59e5597b5160837fe2d498a2574400da.apk
File size 9974682 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 7FE58C3B
MD5 ca2ee23ec8de25c5c1a1c47ef1397ab1
SHA1 4a97db8a59e5597b5160837fe2d498a2574400da
SHA256 2b55411e0c5c8158adc3ad6c260f013a87b7a806f45f1f9cf918a1964701d006
SHA512 11fb25805287d39c1fb2917c71e94a4ebbd41769cf9c44486ba7581ae6dbb2bdde90c0ce6ea83d940e93594ad813cdd188b39b6f596d5eef9bb0f008e06fa80d
Ssdeep 196608:8cxdL/hJ2lSWq8ahLWVCToFFNo16AtFPvfC1EE+Gu4yxY6Pdc+Xwey4Q:5dDVwHmoXa6yPE+G5AXVc+AeHQ
PEiD None matched
Yara
  • shellcode (Matched shellcode byte patterns)
VirusTotal Permalink
VirusTotal Scan Date: 2016-11-25 10:16:27
Detection Rate: 3/58

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1480631155]=0): Snort Events=0, AV Events=0
Total Score=2

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.