'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-10 08:45:32.674927 2017-07-10 08:46:51.722912 79 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo2 win7 Clone 2 VirtualBox 2017-07-10 08:45:33 2017-07-10 08:46:50

Errors

File Details

File name dda2ee41ff5247e2c7bbd6a02c0423edcabbcb17.zip
File size 1465 bytes
File type Zip archive data
CRC32 53503CF7
MD5 dd2ea7253692e84d64a35402f2f086b1
SHA1 dda2ee41ff5247e2c7bbd6a02c0423edcabbcb17
SHA256 d1337467c3b0dfc3f230e82a52166577a79487277c2d8434b803b4fa4088274b
SHA512 751a7e21a47e55fea367fdcf85609ee4a8b898dbcdf91b226c2648e8829c8e0cf588e00f3d702dd2a266dd743299ffd72bfaba6c7d5e6e4e6bd0deac16fe93bf
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499690816]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.