Category FILE
Started On 2017-07-10 10:30:34.078703
Completed On 2017-07-10 10:31:33.283941
Duration 59 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-10 10:30:34
Shutdown On 2017-07-10 10:31:31

Errors

File Details

File name d494e9c95792b15bf444c1b1f3928095ae366096.zip
File size 1454 bytes
File type Zip archive data
CRC32 B45A0ED1
MD5 6a2d7b0bd6132e8b2c33ebda17bdae85
SHA1 d494e9c95792b15bf444c1b1f3928095ae366096
SHA256 3917e1bafa56b3b8f099b504ff18bbd977cd89c94c794e7d508cc8a1b3066e00
SHA512 bbfae9042d1781bf1a5af988f975b53c5f57c1d3098cc7c53c506eab17936975bff4258e2152b9ee8f00f1fba33035db9b02d5f84a1c0ea9d21ccdeabf7559d5
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499697097]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.