'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-04 09:25:15.992372 2017-07-04 09:25:54.017762 38 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-04 09:25:16 2017-07-04 09:25:52

Errors

File Details

File name 012b1997796977fb2b12991382a63d1f1b2780e6.zip
File size 1458 bytes
File type Zip archive data
CRC32 0D7FA791
MD5 cecc4938d41fd4245d60d86518897e49
SHA1 012b1997796977fb2b12991382a63d1f1b2780e6
SHA256 bd756eca042996beada0e68925da19e71249412d1f4c7783d36d5ff7ee593347
SHA512 5b60dd1538f8903f6b7ea4c5e88afe4c4129fc9a0b64b20726d8e4dca7f131cc3b90b30951d825ab21f35ee0636186640b66aa06e7f5c8ac1dbf34e15b790973
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499174756]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.