metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-10 00:35:30.482973 2017-07-10 00:36:06.964820 36 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-10 00:35:30 2017-07-10 00:36:05


File Details

File name a4576cea731a6486205b31defdb588c00e88be57.zip
File size 1503 bytes
File type Zip archive data
CRC32 F4F72F98
MD5 7dffd509f9037a1e3a0b4288d7dfc555
SHA1 a4576cea731a6486205b31defdb588c00e88be57
SHA256 586b2184ee73c58f9f07c6021b30e3fa9e52f9641b2f4e3c296d1510ad09281d
SHA512 f413ceb32acb80bcaebb688f7d926217ef5f57ce7e93660ebd8583e4280e01bb72e3a4a46de38eb7df8ba03313a61a18f68e6f16e95d2747a21586214d7bf7ed
Ssdeep None
PEiD None matched
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499661368]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious


No signatures matched


No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary


registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352


Nothing to display.