Category FILE
Started On 2017-07-12 01:25:36.151322
Completed On 2017-07-12 01:26:12.762583
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-12 01:25:36
Shutdown On 2017-07-12 01:26:10

Errors

File Details

File name 23f2be52971d66ed5d44d17cd61d894d06f8cc2b.zip
File size 1455 bytes
File type Zip archive data
CRC32 77F05D4E
MD5 856fef6831820b289c88575573488f57
SHA1 23f2be52971d66ed5d44d17cd61d894d06f8cc2b
SHA256 4852cfbbc80933d54c6efc15c15a32f1c2c2a8d02fcaea34dc80e7ff7324270d
SHA512 d2f9c9fdabc5b86becf41388db9b80a182bf73c6d0885912675b1f0f343b8b4e66b44d114fd084eac231fcd566a7327578be9c3b710f3560765d980f4aaf1a2d
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499837176]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.