Category FILE
Started On 2017-07-10 15:35:33.630542
Completed On 2017-07-10 15:36:39.009367
Duration 65 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 15:35:34
Shutdown On 2017-07-10 15:36:37

Errors

File Details

File name 425c55393626ac18d8332d8bc2f8feb59dd08e99.zip
File size 1499 bytes
File type Zip archive data
CRC32 02AFC00F
MD5 bb6b03fd8f1b940d7fedf06db5fcd53b
SHA1 425c55393626ac18d8332d8bc2f8feb59dd08e99
SHA256 e82cbd3d962a0865e595098ec8dfa3743b3a0e9376ce03b06230bb1bd4ffebaa
SHA512 373db6530fca7b71ca6b5b78b29c2ad9acb81401e064c90ea95e1e4197f0e25a13049a627a559aad8a6afb23b3b3bbd9fad62f2f03d94369ef20f338e377c846
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499715402]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.