Category FILE
Started On 2017-07-10 05:30:31.948757
Completed On 2017-07-10 05:31:06.316704
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-10 05:30:32
Shutdown On 2017-07-10 05:31:04

Errors

File Details

File name e783882524cdc9a629a8f4343624a4b8e8be5514.zip
File size 1463 bytes
File type Zip archive data
CRC32 20C44E6D
MD5 52d08db50f01bae7dfc01f6b013aca17
SHA1 e783882524cdc9a629a8f4343624a4b8e8be5514
SHA256 121777350b7a0aa66468419109b6fe0c36c1bfe85ac65fd1dd00c28423145901
SHA512 986ddf017362f21ae112804952a682c41bf5b643b46fb292812280349233b210224d9aa981cae2761f69823011a0201cd0910f4d5c6882c88babe5c3bfcf0c8e
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499679069]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.