Category FILE
Started On 2017-07-10 11:00:33.751295
Completed On 2017-07-10 11:01:34.007776
Duration 60 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 11:00:34
Shutdown On 2017-07-10 11:01:32

Errors

File Details

File name 113a988a5d204e3e877737083f37d33862c14f23.zip
File size 1514 bytes
File type Zip archive data
CRC32 A75ABF0A
MD5 c9ea72e47afd07bc87467f0445becf79
SHA1 113a988a5d204e3e877737083f37d33862c14f23
SHA256 418da6a36d493f89c820c1eb6f8b833c45b9a1e886ad08a9779d409f79fffd83
SHA512 c2ee6ef96bf94f8c3001f80bef24d714b16d66049b470619b392bc267c5d3c90b4652a8970a04ceab659a5dfaa9594acf77c2ebfb194acdf2b73a3a43c882409
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499698895]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

ICMP requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.