Category FILE
Started On 2017-07-04 07:05:15.752176
Completed On 2017-07-04 07:06:16.901768
Duration 61 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-04 07:05:16
Shutdown On 2017-07-04 07:06:15

Errors

File Details

File name 0d6167f7319304a90b36ef72bc6696f062e67ca7.zip
File size 1496 bytes
File type Zip archive data
CRC32 73C34EF3
MD5 8612ad45f5c5757092c31bff5773b802
SHA1 0d6167f7319304a90b36ef72bc6696f062e67ca7
SHA256 745d1960e6b500471d626ab52d19afcc8dcc385fea96e755b01687437dbbaf40
SHA512 401791a0b0961f7965eff198763c7aaea66563e2360ef928d99e4ad39e6d40f2a379fa77dab665278076c67265c621fc49eca3e91bc01a10abf0a08c18b4ea8f
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499166383]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.