Category FILE
Started On 2017-07-10 11:30:33.636794
Completed On 2017-07-10 11:31:13.797263
Duration 40 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 11:30:34
Shutdown On 2017-07-10 11:31:12

Errors

File Details

File name 6f230f51dbd70fa637b830cc16272c0f1b2308ad.zip
File size 1508 bytes
File type Zip archive data
CRC32 597CA790
MD5 069fbf93b1fdc1f529a87f5e07a9bd17
SHA1 6f230f51dbd70fa637b830cc16272c0f1b2308ad
SHA256 8180ffe20f0e75b9cde9943ad4910c6bf06838b53c5b3c1af7a0d0d5601bb3bc
SHA512 91cd771abbe88f5731a31b7ffa49147ec2ca06a6ce6f68687cf77b0e40739044157af0b2bc7e8ee7d454563db27631c28abda81768b1ca8b741e34e7ff96b9ba
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499700678]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.