Category FILE
Started On 2017-07-10 03:05:31.642669
Completed On 2017-07-10 03:06:29.874351
Duration 58 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 03:05:32
Shutdown On 2017-07-10 03:06:28

Errors

File Details

File name 92044cafe97edcb8e7050ed80d58580f73f2b4bf.zip
File size 1472 bytes
File type Zip archive data
CRC32 6C9ECA30
MD5 a31053215ab20e7f4a60cea5f23f6daf
SHA1 92044cafe97edcb8e7050ed80d58580f73f2b4bf
SHA256 619fe3b495ef3d78ee3acf6be208203e7fff46de9af5fd3c87e80786515a01fc
SHA512 5063adb2570707d46f2b824018c6557f3de60f3c864f1eb9fd4c3a64376d671c07e325bdddd08c05f91949a236523e3960f58cfba2a3c29c6f04ec8fed07ae0e
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499670392]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.