Category FILE
Started On 2016-12-08 14:56:05.637895
Completed On 2016-12-08 14:58:53.493575
Duration 167 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2016-12-08 14:56:05
Shutdown On 2016-12-08 14:58:53

File Details

File name 00763969b8397958785d80efbf3a8d8ba2b2f2b1.zip
File size 3809 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 C1361536
MD5 4d1104b4b99371d9dae460e6b1bdb3a4
SHA1 00763969b8397958785d80efbf3a8d8ba2b2f2b1
SHA256 e7cf954d493c8d6c4ab9e91e5098901ea7b21d19ea9659fb5620e82f822fbf42
SHA512 aeb5f9517e5786d086859dc6cb19e9d2ca9b8dbcca9a7711ca6e9d5a56e3a730a11f0c48fc9afdc97b4fc333bb5f7c5ad6ea94c188e9c6516e7847d2e6fee8be
Ssdeep 96:1BSRGZ7+I1bRsA/+le9W+NEyujECkDKxoh4Of35Etk:qRkL/Ie9DS8miOOhEe
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-12-08 05:09:11
Detection Rate: 12/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1481209138]=100): Snort Events=0, AV Events=2
Total Score=100

Sanesecurity.Malware.26532.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - ~M5K296S2ZI18CTVBD32199NT.js: Sanesecurity.Malware.26532.JsHeur.UNOFFICIAL FOUND


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files


Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary



C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.