Category FILE
Started On 2017-07-04 00:15:15.500801
Completed On 2017-07-04 00:15:51.130787
Duration 35 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 00:15:15
Shutdown On 2017-07-04 00:15:50

Errors

File Details

File name d73b9d1a9da1e00af03c5f50d336795999777e77.zip
File size 1420 bytes
File type Zip archive data
CRC32 B5CEFB25
MD5 45b16fd9120d012a99140e764abcf17a
SHA1 d73b9d1a9da1e00af03c5f50d336795999777e77
SHA256 24b42070987b8df7ed53322aa7cd03afefb92f74ab043c5bdd25580af1d43927
SHA512 e63fcda08658b30f503cc187ca7358edd13a0675636bdfe46a98685320f61760925fef29747d3e3d518b2ca14a506a09a43f0b4b99d8d15543c89d9c4a35098b
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499141756]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.