'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-10 17:15:33.761981 2017-07-10 17:16:22.495052 48 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-10 17:15:34 2017-07-10 17:16:21

Errors

File Details

File name a5b65a213dfc9ca4c592ff0bf268280382c0b539.zip
File size 1449 bytes
File type Zip archive data
CRC32 F0C13D63
MD5 65518d38bbc334d85747ffcf50746403
SHA1 a5b65a213dfc9ca4c592ff0bf268280382c0b539
SHA256 ee2dcce6a828d4917bcedac2e8276a8ec5740c7b24bd6c200b58b2fa2a99584c
SHA512 a70928c8bcd503891a7d95662e9ac715ff9051b10152bdd2f4e685e0c02678d19a7634a08942d23dfa074310c8a50541bcfbc66121f10003a1f78105afbbe5ae
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499721387]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.