Category FILE
Started On 2017-07-10 15:36:39.424921
Completed On 2017-07-10 15:37:50.626683
Duration 71 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 15:36:40
Shutdown On 2017-07-10 15:37:48

Errors

File Details

File name bf72766f5fd9037d5ea9c8205f91ea6c30df449a.zip
File size 1458 bytes
File type Zip archive data
CRC32 591E6702
MD5 1964549a7698219ec40a940b3e2b76cf
SHA1 bf72766f5fd9037d5ea9c8205f91ea6c30df449a
SHA256 2a8026400cf42a3f824edc0217571aae5aab82798d27359205ac49037d011f0a
SHA512 ce2d74a3a4476ff78aefdd74d03f95f19cff66209b3fe5300c6e5ac409f81a9e6993245fe0e05f9187e60b696c927fc05b9e6bc24d4e0606aa9a941e2bad3031
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499715473]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.