metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-10 07:25:31.463916 2017-07-10 07:26:07.982246 36 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-10 07:25:31 2017-07-10 07:26:06


File Details

File name 808f9e64ea9f3e609fbe99dc54e008e381e1b4e0.zip
File size 1469 bytes
File type Zip archive data
CRC32 5D05038D
MD5 61edd1cd734121e1bb2d5c93a6184106
SHA1 808f9e64ea9f3e609fbe99dc54e008e381e1b4e0
SHA256 d96fb25b1dd35cbae6121a2698d2fb689478624ac2cb85279ab222ed2622e29f
SHA512 a48e67869b60f183edf48a093e4cd20610f98fa3c2b7163120c0e4e09a38180e33b62f976af34901d6243109a90c56f5bb48ba64e6d26e489aaab2b5d0e71a26
Ssdeep None
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499685971]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary


registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.