'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-11 23:36:32.385418 2017-07-11 23:37:25.911420 53 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-11 23:36:33 2017-07-11 23:37:24

Errors

File Details

File name 86c1b7c6d345cb5b02dd693fb1f57ae69e0618a3.zip
File size 1454 bytes
File type Zip archive data
CRC32 53CBEF0B
MD5 26a7c419241111098906b763a57d0da2
SHA1 86c1b7c6d345cb5b02dd693fb1f57ae69e0618a3
SHA256 2662ed130b600e5769519e1977ccdc8994dfe0363ecb68904d7c96ec7d958016
SHA512 8854854b670f3137d84ea3fd03c8cf12cb995a99019d11de895b18e027417f330519937d0fc05454ff4a5b83d99183453b7557ac817e4a8544f217ea691cb889
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499830652]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.