Category: FILE
Started On: 2016-12-08 17:55:19.931822
Completed On: 2016-12-08 17:58:12.039228
Duration: 172 seconds
Cuckoo Version: 2.0-dev

Machine: win7cuckoo
Label: win7 Clone 1
Manager: VirtualBox
Started On: 2016-12-08 17:55:20
Shutdown On: 2016-12-08 17:58:11

File Details

File name c99a4e966aef630408c5fa0bf881828bf8eecbdf.zip
File size 3829 bytes
File type Zip archive data, at least v2.0 to extract
CRC32 6E139BDD
MD5 316bdee36fec77a68ff13005be7a5737
SHA1 c99a4e966aef630408c5fa0bf881828bf8eecbdf
SHA256 9e544bc8c30e3436d5b40412b54ad91a6b01d36a9721d3b01290b9ea98704462
SHA512 755e308b7e717703d8722d423d67425e66e51419782cb5f5ed232ee9b3ebef8a669351ac6b1a43854758b8c29a5b8a1248c374a651b790d446b64274801f3f29
Ssdeep 96:EOrqPAPQWJbZiFB4VmGOHbVfT+e3W9lI6JQ0qBs:qiNpZiFWV+b5TsldJQ0f
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal Scan Date: 2016-12-08 11:52:13
Detection Rate: 6/56

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1481219895]=100): Snort Events=0, AV Events=2
Total Score=100

Sanesecurity.Malware.26532.JsHeur.UNOFFICIAL FOUND
DROPPED FILE - ~132LGS72V073Q1RAYIZ39S.js: Sanesecurity.Malware.26532.JsHeur.UNOFFICIAL FOUND


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files


Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary



C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.