Category FILE
Started On 2017-07-10 12:10:34.094141
Completed On 2017-07-10 12:11:30.736743
Duration 56 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 12:10:34
Shutdown On 2017-07-10 12:11:29

Errors

File Details

File name 1b2acb252a5cadff5c94b1a9626c49caf3a7caf7.zip
File size 1450 bytes
File type Zip archive data
CRC32 5087C299
MD5 7faec3b9f711677e6cee2615eb78bf5a
SHA1 1b2acb252a5cadff5c94b1a9626c49caf3a7caf7
SHA256 8c664b8d8299505a9dc4c5e359fbdfbf7d503f03d778d356258f9405d984f60e
SHA512 c98d62afc7808354dfb35dc4499fc0d1987a733e511142ba58632c22cba87a5f9e70b4784c12e76ebcd4d82ffdc5cea5e62e3cf586836f5b8f570c397ffffb18
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499703094]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.