Category FILE
Started On 2017-07-10 11:05:32.595314
Completed On 2017-07-10 11:06:16.726063
Duration 44 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 11:05:32
Shutdown On 2017-07-10 11:06:14

Errors

File Details

File name 608a4ba28b0869612172a767d5034871bcd137ca.zip
File size 1503 bytes
File type Zip archive data
CRC32 F32180BE
MD5 8a65c02e57fdc31ea30fc3fae4b44084
SHA1 608a4ba28b0869612172a767d5034871bcd137ca
SHA256 0d78bd632475adce1398773f9f2fa3dc73b6e9334a358c55b28a6df976df4a8b
SHA512 e35accc8ade02a26012390024d6a12c22f0b79d72337935e3c4aa5692b4daaca99bf2b4829a878d95d9289f71d4f31ee734190b9128ecce400af71a0fc495bd4
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499699178]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.