Category FILE
Started On 2017-07-10 10:55:33.277479
Completed On 2017-07-10 10:56:14.497121
Duration 41 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 10:55:33
Shutdown On 2017-07-10 10:56:13

Errors

File Details

File name 25e173967bc483ec3a7716507c2486c9061d63f2.zip
File size 1502 bytes
File type Zip archive data
CRC32 B8BE7152
MD5 8796404ed15aeaff731b16bdd05c4f64
SHA1 25e173967bc483ec3a7716507c2486c9061d63f2
SHA256 1e54b44667032ade91d01d018f69b76f6b05bc03f16cc69346156f3c1849e80d
SHA512 86eb91148ec8a22d6fdd733d551fbe45773783cc9f1f521fce97f63703f7f22494ae01802567848abb1fd2ee3a72e212da9c1448df06a5fc11a2083c62d26d18
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499698577]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.