Category FILE
Started On 2017-07-10 02:45:31.044538
Completed On 2017-07-10 02:46:06.874239
Duration 35 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 02:45:31
Shutdown On 2017-07-10 02:46:04

Errors

File Details

File name 6616330ca2fd2aef9f0aeabf7a4a8d00c6d96405.zip
File size 1514 bytes
File type Zip archive data
CRC32 A96AADD8
MD5 3a07ef072eff999592d8aca9197b0c1f
SHA1 6616330ca2fd2aef9f0aeabf7a4a8d00c6d96405
SHA256 58872190c190180f8dd4a731389f3995deaac3ceb796af0626552e6eea6ebb11
SHA512 8848f0d41bb21b77956fb015a0a6e51fc6972e2e844995bda311d486daa92a2c2cdba4410d7d73325b16de2be57ff3b341467c64f0f24703f07ddca1e75dadc4
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499669172]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.