Category FILE
Started On 2017-07-10 10:20:31.415101
Completed On 2017-07-10 10:21:05.036315
Duration 33 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 10:20:31
Shutdown On 2017-07-10 10:21:03

Errors

File Details

File name 8055069d8cd700f76ea9143e7319576c0a680937.zip
File size 1441 bytes
File type Zip archive data
CRC32 E3D8DA0C
MD5 234109112302ea929c1c89979260f716
SHA1 8055069d8cd700f76ea9143e7319576c0a680937
SHA256 9fc272a209c5b29d138cd8d7a543f250b183334c592c9bd871975e2284c60435
SHA512 a698b12435a071102bd093904d70cb199cea8afaaa0b5916bc1f37ad8ff37c822e61ff6846d728e3013e57b809e29eb1a491ebd40014be13e21bdc690e075e4b
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499696471]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.