Category FILE
Started On 2017-07-10 05:46:37.293628
Completed On 2017-07-10 05:47:37.828623
Duration 60 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 05:46:37
Shutdown On 2017-07-10 05:47:36

Errors

File Details

File name af0e4fffa2d914c91646ec7f384ce2e960c932f6.zip
File size 1450 bytes
File type Zip archive data
CRC32 9B7BC3E9
MD5 604b282ac900dd0b45cecc9405e5fb82
SHA1 af0e4fffa2d914c91646ec7f384ce2e960c932f6
SHA256 37297c2a748bae436715b71ebf90971fa2a8244d444e3d7ae50b6765a0ae60cc
SHA512 0d99899317162fa0a11553654df27eb20c3bc30f6974e3a9222be486dc2b8f4fa3d5c51f386bfbc00c8f773616b70894fa8ba0f39b16b171e74b6608a633c00a
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499680062]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.