Category FILE
Started On 2017-07-12 09:55:36.918243
Completed On 2017-07-12 09:56:12.937413
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-12 09:55:37
Shutdown On 2017-07-12 09:56:11

Errors

File Details

File name 1c26436564eba422e6caeed8433678dc69ae6100.zip
File size 1494 bytes
File type Zip archive data
CRC32 4FF9D11E
MD5 ac7c5715ddee43fabcc4bf8cc15d23da
SHA1 1c26436564eba422e6caeed8433678dc69ae6100
SHA256 062fa7bfa89125635818f6bc6df00b69fbba4897f605b15b5cb3e18d0b9fb4d3
SHA512 e7bd02880b7966f16e801ab0aaad247881acff9f16ba134abbd8b1c024643efc40a435702842f09609d21963fad576ee925ed84b1095206fc8b52fe0f4b562fc
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499867778]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes


C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.