Category FILE
Started On 2017-07-10 14:30:33.723273
Completed On 2017-07-10 14:31:12.355907
Duration 38 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 14:30:34
Shutdown On 2017-07-10 14:31:10

Errors

File Details

File name 11f0a3aa6c93bf1d970c9df0e96df4fc73142e0f.zip
File size 1446 bytes
File type Zip archive data
CRC32 07AA1F81
MD5 b8486baaa7b067eb7fd42053e28d6427
SHA1 11f0a3aa6c93bf1d970c9df0e96df4fc73142e0f
SHA256 3139f9a658c0adadd65be7878d714cddb0c25518cdb4d787ec4b40ee4550b520
SHA512 0882d257832d2553f2949ebe8b4160d4655012518c20ad8289190bf09a9b899ce795790214fe28e4831341288ab62413486731a9292d01af0c274c7d90294c17
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499711476]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.