Category FILE
Started On 2017-07-10 15:35:32.301141
Completed On 2017-07-10 15:36:46.591285
Duration 74 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 15:35:32
Shutdown On 2017-07-10 15:36:44

Errors

File Details

File name 32e944c9cd9385b513bbe70a8d3be930d20e761a.zip
File size 1447 bytes
File type Zip archive data
CRC32 0110AFE2
MD5 7fc1250ae842b6d17d88c3fee17503a9
SHA1 32e944c9cd9385b513bbe70a8d3be930d20e761a
SHA256 083916014097c01714a36ec31cb6856cfcee0d4d720724f3469ee9d93f050fa2
SHA512 597b862966b2b415b517b1f12f590970f22579bf6d37aa87a640b3ea2cb96f80ad33acc438e390f857bf9e014024e031269b5810422b6b9fc731720f70e9c690
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499715411]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.