Category FILE
Started On 2017-07-04 13:40:16.116207
Completed On 2017-07-04 13:40:49.680040
Duration 33 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 13:40:16
Shutdown On 2017-07-04 13:40:49

Errors

File Details

File name 219d8b73ec78c3f34377afe7543ec4eb7e51125d.zip
File size 1435 bytes
File type Zip archive data
CRC32 4F34E078
MD5 d6862a9634505e99f435d41e12a0b1cb
SHA1 219d8b73ec78c3f34377afe7543ec4eb7e51125d
SHA256 cd0077bf181bd18cab0152a4159920dab4e9205c44821c28e49eec8189ade8b5
SHA512 664c5da7ee714bc374e03fe87802d92be8ba08062cf7eeca79701991d902c45522c8633018afd135ae66dc919eb9b1e39b6c3c271e6d7dd8a609d0406a5255b6
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499190054]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.