Category FILE
Started On 2017-07-10 00:15:31.561532
Completed On 2017-07-10 00:16:08.237923
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 00:15:31
Shutdown On 2017-07-10 00:16:06

Errors

File Details

File name d49d01fe2673e7c325d37f37342356859b965d73.zip
File size 1459 bytes
File type Zip archive data
CRC32 CCB3DF91
MD5 53551f48122efc348fca12eb9ed2271c
SHA1 d49d01fe2673e7c325d37f37342356859b965d73
SHA256 7ae8ed04e5963cdca10c41d515783235d72acb9d0ba94df88906b63285a087ef
SHA512 c32ec1e128e2d7b51b60b52ce8c4ce2a7326b90d33707047e9ba85ecd4843db62ac0f60429542407fd03868f4726af045ccb683d4da40c0a0b610411e0c86505
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499660171]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.