Category FILE
Started On 2017-07-10 03:05:30.287412
Completed On 2017-07-10 03:06:22.996594
Duration 52 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 03:05:30
Shutdown On 2017-07-10 03:06:20

Errors

File Details

File name 67d4d1104980030436f68b28ffe33f04d5d304c8.zip
File size 1456 bytes
File type Zip archive data
CRC32 C24AC12C
MD5 adf4064c277a56b6a3def5a6a19b236b
SHA1 67d4d1104980030436f68b28ffe33f04d5d304c8
SHA256 b0cf2df58482d13c18d61ee48491f23b59625058394f59e0efc6d70ed8073fbf
SHA512 e13e786a9ca8fbd6811d6e27066f2660545697ff3d97d0cee87154f5306fc40f093b667736ba5aa53f404b8001aa321d61b432b66576c60f691af74e4c7eb306
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499670388]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.