Category FILE
Started On 2017-03-18 10:05:05.334275
Completed On 2017-03-18 10:05:45.283814
Duration 39 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-03-18 10:05:05
Shutdown On 2017-03-18 10:05:44

Errors

File Details

File name 927d4cd4a98013e8cae24d58d2ff52a05792814b.zip
File size 879 bytes
File type Zip archive data
CRC32 7B1A88E4
MD5 344981f3edff786990fdfeafbe2a0482
SHA1 927d4cd4a98013e8cae24d58d2ff52a05792814b
SHA256 500c24c14f56f84cc8eddf8011ea4b52ff75476c86bb69cb86ed5a9eb13d8cb0
SHA512 281cc4abef7b475f744b741ffa19cbdd84d922eb70a28b78956f29559b91d34501e786372b91aa2e63ab48e90aad58752f2b02ce8323e46e33baf96bc0a969ac
Ssdeep 24:JAr5+g6Ldb+4TKn9dRfmhgM/umhV2KRoV:JAr5d6ZC46dRfmJN2KRs
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1489831547]=0): Snort Events=0, AV Events=1
Total Score=2

CLAMAV DETECTED:
Sanesecurity.Malware.26717.JsHeur.UNOFFICIAL FOUND

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.