metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-04 03:20:14.387286 2017-07-04 03:20:50.296053 35 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-04 03:20:14 2017-07-04 03:20:49


File Details

File name bc2abb90c7ed06d4b46cdef0303da42f20298bc6.zip
File size 1467 bytes
File type Zip archive data
CRC32 CE1D832A
MD5 a6981b3f5a9aa7ad72b73559a03df3c1
SHA1 bc2abb90c7ed06d4b46cdef0303da42f20298bc6
SHA256 1ec7cb0dffc1496fd303b1ffa769a0bff6762683a1abfbbd39f37f4764d9cb27
SHA512 3705dc88297fb5f81e90ee3af472a8ff023158e103239a70fea74c148bf5d35af0cbe8ce6d09cc03fc8d293917852cf37ce0f66438bff9a90615d3bea46ef096
Ssdeep None
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499152854]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary


registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.