Category FILE
Started On 2017-07-10 08:55:33.053147
Completed On 2017-07-10 08:56:51.234556
Duration 78 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 08:55:33
Shutdown On 2017-07-10 08:56:49

Errors

File Details

File name d318308506b7a943343c31126f11aa5c87986115.zip
File size 1451 bytes
File type Zip archive data
CRC32 EF4684E8
MD5 1862250ea9795634725100443345f8af
SHA1 d318308506b7a943343c31126f11aa5c87986115
SHA256 91b8eb2485d4cfea14b3a90fe037a16c09b870323b0f9345aa2152675c022115
SHA512 f7d8449cc98ee7643414179b422e2740f5422860fcdc9af2d4b266b56cea7f8653e4d440684801fc47d3a2b738f3cd37baec50ac3f3c7be7c4d331b74e1744f3
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499691416]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.