Category FILE
Started On 2017-07-04 16:10:15.597185
Completed On 2017-07-04 16:10:49.741009
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 16:10:15
Shutdown On 2017-07-04 16:10:48

Errors

File Details

File name d13c4046a142f6a821cf09117eaf46c895a0937b.zip
File size 1467 bytes
File type Zip archive data
CRC32 9CBFB631
MD5 78ffb622c7a27579b21fc313ffe76a94
SHA1 d13c4046a142f6a821cf09117eaf46c895a0937b
SHA256 6a54dd9d04590844264b392a057a2b56d24f0f42a03f0be7af64392be1b922d6
SHA512 2805b55315060578e0f1a4f2a723f8709ae302af140dbfe62407478e533021d31788095adecb710fc926accfe191acaf7cf07e6e72d1a6e0cbc39d08fce03405
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499199053]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.