Category FILE
Started On 2017-07-10 05:45:31.931732
Completed On 2017-07-10 05:46:36.959740
Duration 65 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 05:45:32
Shutdown On 2017-07-10 05:46:36

Errors

File Details

File name 03e7639a02b9d614de8b1e569233ab1142e5a768.zip
File size 1463 bytes
File type Zip archive data
CRC32 7F3D8DA3
MD5 194370700201b37c06f057e14575a1b6
SHA1 03e7639a02b9d614de8b1e569233ab1142e5a768
SHA256 83693313362a5e601f06d4b72a57da2162264df630b3b44c7efee81bfd08dea2
SHA512 86f7f40995513b1c7d0736b8cb127f730663d6c9d66d82f05b46dfd3b6bd26c969469764cd4b368f8c5f0c51dd698f12176833fce71bfccca8a5c0d7363ed204
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499680005]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.