'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-11 23:10:35.485275 2017-07-11 23:11:11.408244 35 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-11 23:10:35 2017-07-11 23:11:09

Errors

File Details

File name cdb377d9dd198433e67c4473dcb2295d330d5d2f.zip
File size 1459 bytes
File type Zip archive data
CRC32 803DB512
MD5 bc8ccd20fccad149e8eaedf74fe81f3d
SHA1 cdb377d9dd198433e67c4473dcb2295d330d5d2f
SHA256 bd465bed7d17e7827c3d61ec001748613600eb6f643a63c2f30c302348189b2e
SHA512 3335800accdf6b1e86c0ebc4dcf9e4d66416161dd927d83268fa35d80c007eb58f161de322bd64a91c7856117b5328ab044cbefc406968541669e2514a0bbf50
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499829077]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.