Category FILE
Started On 2017-07-10 17:25:32.292310
Completed On 2017-07-10 17:26:57.065202
Duration 84 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 17:25:32
Shutdown On 2017-07-10 17:26:55

Errors

File Details

File name ab9cd8bf172aecb1b676cd4244bec6c3d55e8288.zip
File size 1458 bytes
File type Zip archive data
CRC32 EE2623EE
MD5 e4bf27bd349b8a0762e4b078be22e2de
SHA1 ab9cd8bf172aecb1b676cd4244bec6c3d55e8288
SHA256 df191e6b52fde0f8f5920d31c3b861aeeeaf3915125f01f10936a5be3a8c044f
SHA512 899b595bee270a3658b1f07b6c6230026c9f48c7976e120fd207bfbfe0478202336c9a422445c39af4da60f129251e40237497453346b4ad9492831e73559095
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499722020]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.