Category FILE
Started On 2017-07-10 08:55:31.684734
Completed On 2017-07-10 08:56:52.974816
Duration 81 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 08:55:32
Shutdown On 2017-07-10 08:56:51

Errors

File Details

File name 311decce3cf93302fae663eff248a9f591d60480.zip
File size 1445 bytes
File type Zip archive data
CRC32 EE45B78F
MD5 a1817ec0a7a3c3fa30bf5ff67ab64c45
SHA1 311decce3cf93302fae663eff248a9f591d60480
SHA256 57d239d65d7ad83fe7079ad4e3b00e24ccaf506cbae1ebc0c2bd23c397fa4406
SHA512 e2be9751a2a39658c128e79717c4e82aabdfeaa4ea1a7bc2e0c1019516b3df478af4798b9d28cac168122c4cedd6a69852043ee0d3cbf3ee739b23fb02d6b398
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499691416]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.