Category FILE
Started On 2016-12-01 22:25:08.643084
Completed On 2016-12-01 22:25:48.036487
Duration 39 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-12-01 22:25:09
Shutdown On 2016-12-01 22:25:46


File Details

File name 4a97db8a59e5597b5160837fe2d498a2574400da.apk
File size 9974682 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 7FE58C3B
MD5 ca2ee23ec8de25c5c1a1c47ef1397ab1
SHA1 4a97db8a59e5597b5160837fe2d498a2574400da
SHA256 2b55411e0c5c8158adc3ad6c260f013a87b7a806f45f1f9cf918a1964701d006
SHA512 11fb25805287d39c1fb2917c71e94a4ebbd41769cf9c44486ba7581ae6dbb2bdde90c0ce6ea83d940e93594ad813cdd188b39b6f596d5eef9bb0f008e06fa80d
Ssdeep 196608:8cxdL/hJ2lSWq8ahLWVCToFFNo16AtFPvfC1EE+Gu4yxY6Pdc+Xwey4Q:5dDVwHmoXa6yPE+G5AXVc+AeHQ
PEiD None matched
  • shellcode (Matched shellcode byte patterns)
VirusTotal Permalink
VirusTotal Scan Date: 2016-11-25 10:16:27
Detection Rate: 3/58

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1480631155]=0): Snort Events=0, AV Events=0
Total Score=2


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary



C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.