Category FILE
Started On 2017-07-04 02:35:14.834406
Completed On 2017-07-04 02:35:50.174851
Duration 35 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 02:35:15
Shutdown On 2017-07-04 02:35:49

Errors

File Details

File name b04f01d1d67eeaa327f8e3a6de1c8eb26e8bcc32.zip
File size 1501 bytes
File type Zip archive data
CRC32 FECC6EA5
MD5 a826d4a96eba26fd08337e55aa9e4d0e
SHA1 b04f01d1d67eeaa327f8e3a6de1c8eb26e8bcc32
SHA256 f3a0b0cb3d0e627710c10afe64ce2c7998414dc18abf46e601599bb9a690d8b1
SHA512 03a4b4dbc4411b2d05ee77574b7f0d337c0850552f0f40de36d9e8b527da6793ef4d7f5c736ab0c6df74f60653a60053bb2833d8dbf59c72764f4e3a4c0d545f
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499150153]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.