Category FILE
Started On 2017-07-12 08:10:37.575887
Completed On 2017-07-12 08:11:26.876871
Duration 49 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo2
Label win7 Clone 2
Manager VirtualBox
Started On 2017-07-12 08:10:38
Shutdown On 2017-07-12 08:11:25

Errors

File Details

File name 2d894aa834a96ac73997e588c3249a5f6a7a4477.zip
File size 1476 bytes
File type Zip archive data
CRC32 0674449B
MD5 78a3287405c8c47006852f21abdf502b
SHA1 2d894aa834a96ac73997e588c3249a5f6a7a4477
SHA256 e0ad22aed9ee34dda4edef4d1e1001a029d036cc3d74b9ec41c5fa193689db9a
SHA512 4f88386da8f3abd473a8266ee686155784c9ee20f36da93fa4a577a45a64911f48cbb59c940862f9393256ed72b600365e452b9297f4b9ac3ceb1a55abf55586
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499861490]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 460, Parent PID: 364

Volatility

Nothing to display.