metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-10 00:05:30.423435 2017-07-10 00:06:06.768863 36 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-10 00:05:30 2017-07-10 00:06:05


File Details

File name 443d9a04a5a39a6d4d30dd95f71d6a884a048cc2.zip
File size 1457 bytes
File type Zip archive data
CRC32 1E462828
MD5 72c25ef7b34b0dadc625a061363af858
SHA1 443d9a04a5a39a6d4d30dd95f71d6a884a048cc2
SHA256 00ac7da7c122b3613990849e558476b8ea7c9d38e6b2c5c3a31b146947d29652
SHA512 d6dc7905159d35d0207fcf1ee3e6b99860e55497d96e4ad7a816d14a6d9942daf1ed487bbb3166679c60aa89eb31fc726687957bd043e68482dc11883d0d9939
Ssdeep None
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499659571]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary


registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.