Category FILE
Started On 2017-07-10 10:45:33.580308
Completed On 2017-07-10 10:46:54.275811
Duration 80 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 10:45:33
Shutdown On 2017-07-10 10:46:53

Errors

File Details

File name 44dd0a03a99e9b6357e6490fb719fc82abf8617a.zip
File size 1461 bytes
File type Zip archive data
CRC32 B451058D
MD5 169023083dbcf99f014a08cd65d35d0b
SHA1 44dd0a03a99e9b6357e6490fb719fc82abf8617a
SHA256 2de439d24eb3d57c041ff02b3a77084256c180c14650632415cf49b9c4ee812a
SHA512 46e59e958e5ba3b084e66c980f7e5798312a4986071597032f63474b2906b7d1120c875b0022e45010203aa6aad6da7b8ab06c2ccbf6cbd68ea685ffef27d4be
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499698016]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.