Category FILE
Started On 2017-07-12 03:15:37.020734
Completed On 2017-07-12 03:16:13.825321
Duration 36 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-12 03:15:37
Shutdown On 2017-07-12 03:16:12

Errors

File Details

File name 701911d1bcb21f9b4f8692ad4cd0641370c58224.zip
File size 1474 bytes
File type Zip archive data
CRC32 951A6AA8
MD5 9d86c1506c84f516f023dd1a29a89841
SHA1 701911d1bcb21f9b4f8692ad4cd0641370c58224
SHA256 e180c388a65730a989b35d8891993d74c5ad49a54411063a7cfa6858d8c1d4e4
SHA512 7bb1f0d0f912663428906bf999a513fe9028dfd83534fc55ef8394321e8c35c5c21a5a8e3ef7d6251f5bc3859132884eef433552f97777479db0eabf6a4b1150
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499843777]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.