Category FILE
Started On 2017-07-10 02:40:30.521583
Completed On 2017-07-10 02:41:07.267206
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 02:40:30
Shutdown On 2017-07-10 02:41:05

Errors

File Details

File name 61672225ff8e7ed48584b5e27377f42a9f36a9bd.zip
File size 1459 bytes
File type Zip archive data
CRC32 CCC548A9
MD5 3bd7d5a993314be2ed9cee5c8e9864e0
SHA1 61672225ff8e7ed48584b5e27377f42a9f36a9bd
SHA256 654b23afffbd1036b92f20966459fb8cb5013c25f597d01777ecddd6ffc1925d
SHA512 b90165ec1dd3fd9d3b20761a37309dc8832fc363c55ed940781d026f691cdd002bee4daed5e19c25d49f227bb41c38760f8a68c0b7a68bbfd717ebea9e2545dd
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499668869]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.