Category FILE
Started On 2017-07-10 14:40:32.683461
Completed On 2017-07-10 14:41:09.320857
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 14:40:33
Shutdown On 2017-07-10 14:41:07

Errors

File Details

File name 8bfadcea8d4b3d00b46c5bf3ac023a6b55d0a140.zip
File size 1466 bytes
File type Zip archive data
CRC32 16585F7A
MD5 4cc2b75a097607ab08ff7ae4dbffc66e
SHA1 8bfadcea8d4b3d00b46c5bf3ac023a6b55d0a140
SHA256 ffde231b25fdd2bc35b04840e88caa3a101dfdf3bfcb2e2c376a0d5ff28447eb
SHA512 de3f20031cd460ab4ac040afe88aa14109ecc160ecc60d339d5e449e70fb914be6a5d576e06889548ab7dce5b79c2757257f6537a314109eecf1cb4a127894b4
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499712072]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.