Category FILE
Started On 2017-07-10 02:30:32.471879
Completed On 2017-07-10 02:31:07.143635
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 02:30:32
Shutdown On 2017-07-10 02:31:06

Errors

File Details

File name 8205ed3e4fffed81d8ac6876669bab4caf70794c.zip
File size 1459 bytes
File type Zip archive data
CRC32 41A4B9B9
MD5 2f2b292d3a7e8b6aff77637d7a8aa336
SHA1 8205ed3e4fffed81d8ac6876669bab4caf70794c
SHA256 b32f7aa5f6aa808f72dbeb666111ba0c71b5d5d1d7cf3b62c9ba11f0a952cd05
SHA512 737e4cd3f81908103c80db650885d680f22430e20d864421127cea4be3ca723424d20951cf542f41e0f11380d4ccf21fc20c0fa7a6fe6d8567747ee51fd2887a
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499668269]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.