Category FILE
Started On 2017-07-10 10:45:34.863371
Completed On 2017-07-10 10:46:49.554088
Duration 74 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 10:45:35
Shutdown On 2017-07-10 10:46:46

Errors

File Details

File name c54a1d2d01ec97b302ee67d72f4a43c8bcda6bf5.zip
File size 1446 bytes
File type Zip archive data
CRC32 FE5AF116
MD5 9ff3269edeac572fe0a05e1764376baa
SHA1 c54a1d2d01ec97b302ee67d72f4a43c8bcda6bf5
SHA256 8ca9124cab652616352a7ae26b33d6207d4453b7ef357313a0b5ebbdb1cdf7f7
SHA512 ac49521279d025e0d6375fc757bd0b3c7631dde226f6bcea4e706436b2ddb500bafb11f23cfaeee02ddd6195f1240c418f9b2a81008701f978a312cd761e3b1c
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499698013]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.