Category FILE
Started On 2017-07-04 14:35:15.777232
Completed On 2017-07-04 14:35:50.347751
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-04 14:35:16
Shutdown On 2017-07-04 14:35:49

Errors

File Details

File name dd62cc44e19b10f6313c33b39a2098109b47c70a.zip
File size 1461 bytes
File type Zip archive data
CRC32 68556ACF
MD5 cb3318b93d11a90feccdc342c195bdff
SHA1 dd62cc44e19b10f6313c33b39a2098109b47c70a
SHA256 a3a6c1ccad56e4ba7e2b54097685262245eef065129b776005a5a71002702ecb
SHA512 e2292d168c0a2a946c2e785b9fb5d1522d48187cbdd7bc54c726f83381e29f4d428ea62c044332051d362d4f0a5db2e00fd84ba011b618ec0ecf4d707ad5184b
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499193355]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.