Category FILE
Started On 2017-07-04 18:00:15.770220
Completed On 2017-07-04 18:00:51.812715
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 18:00:16
Shutdown On 2017-07-04 18:00:50

Errors

File Details

File name 4ac56fb0303fa47747103fbdc3adfdec4976ef2e.zip
File size 1500 bytes
File type Zip archive data
CRC32 9F2706A0
MD5 b825de05e0560851f1dbad4a4834d3ab
SHA1 4ac56fb0303fa47747103fbdc3adfdec4976ef2e
SHA256 a16cfd63dc615451f59859879e50cacc36e654cae84d78dd1d72a373a2b3bfff
SHA512 17a08fec3f60c3fa3c9156f47eb5d39a8d1c5b99d21f1a9a76d99138d561f2769cbfbbb7619793371b38f756192561f2ca2b4e40ff5b5d5515bf061427e0ab1c
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499205656]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.