Category FILE
Started On 2017-07-10 05:15:31.314453
Completed On 2017-07-10 05:16:05.800255
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 05:15:31
Shutdown On 2017-07-10 05:16:04

Errors

File Details

File name ae0684e1ed116dcbba39b3b435acc1fb575756d0.zip
File size 1475 bytes
File type Zip archive data
CRC32 83F3B2D5
MD5 f2300fa6c9facc18ca6657749c8a10f0
SHA1 ae0684e1ed116dcbba39b3b435acc1fb575756d0
SHA256 c941d7b6122ecf4e7d44d4d4cc4bc957c1d068839ba3c07212492e3ab6172af8
SHA512 4d21243ada89bfe1f22d1276fefc8b1ebd04dfe5ba10ff2ca482cfd87fb03d034ca6e7a447fbe9b1aeba03d62d2428fce98cf344a4eff19da131940a0cc56fab
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499678167]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.