Category FILE
Started On 2017-07-03 22:30:15.463838
Completed On 2017-07-03 22:30:51.335707
Duration 35 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-03 22:30:15
Shutdown On 2017-07-03 22:30:50

Errors

File Details

File name 3e2418216b194e91ca9a53faf56cb157292ea539.zip
File size 1474 bytes
File type Zip archive data
CRC32 9FC152A3
MD5 1c6d2c079fc6ff2e5e025eeaeffa6ba4
SHA1 3e2418216b194e91ca9a53faf56cb157292ea539
SHA256 aa07a66ca5bb86429a0b2139ab8e2ded187b507bd72222978eb2b6136b14a48a
SHA512 03605f3564d4b96fae29536c670e5ab1afde90a420b6b1eb40d9d6bce6703c76f1efdde83f88545158c6a96e67c5e30baea91327f898d4633649258677c68880
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499135456]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.