Category FILE
Started On 2017-07-10 01:55:31.263362
Completed On 2017-07-10 01:56:07.741970
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 01:55:31
Shutdown On 2017-07-10 01:56:06

Errors

File Details

File name 0dbbe939c19359efec45452f3f4d9aabe9fdaa77.zip
File size 1450 bytes
File type Zip archive data
CRC32 7FFD3DA6
MD5 44b7a121478e66354ac5a99be02c1a44
SHA1 0dbbe939c19359efec45452f3f4d9aabe9fdaa77
SHA256 c106ca5aed897f95b0d6e07a8113c8f967d557b0c6cf3a2174ef67bb0cf0b9f6
SHA512 bb2615141aabef9626cfddd2fcd86b7a5368e4154f5a66ccae28a33566aa008eac8e8645c431d312f9099519ac26dd8ab9636e0ae86ab70ac99d1b4e58db98c5
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499666170]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.