Category FILE
Started On 2017-07-12 11:00:37.186446
Completed On 2017-07-12 11:01:13.434285
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-12 11:00:37
Shutdown On 2017-07-12 11:01:12

Errors

File Details

File name 591dceccdd1882504922a5bbf307b78d44e44c81.zip
File size 1481 bytes
File type Zip archive data
CRC32 15AD1437
MD5 532b940ae59ced1d6956545014f42454
SHA1 591dceccdd1882504922a5bbf307b78d44e44c81
SHA256 92ba4fce41e7fb501e36c1bbcd36d7d24e7c43d16731dd135396c093bc3043be
SHA512 630246ddca4435206107c1f3d85c850162e3317837a2e8db4a6080421caee46833fbd77c29cdb7b9134cb559607c65c87be996e0c179d545d6a315c0ff02976a
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499871679]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.