'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-12 01:20:35.271281 2017-07-12 01:21:12.904527 37 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-12 01:20:35 2017-07-12 01:21:11

Errors

File Details

File name ddff193bbc8a16b968c94e35472dad980ccb4410.zip
File size 1454 bytes
File type Zip archive data
CRC32 036DCAB0
MD5 269b3697495a0d83f0e13170d5c4aec1
SHA1 ddff193bbc8a16b968c94e35472dad980ccb4410
SHA256 e35050943014d05cd91aeb139bb21e8ded0ebddf0c985119de65272162b399e9
SHA512 a26b1670c612df7509bbd58aff873ba887f32d70673fa108617ed7b5413892a03adcec47e5bab44d115ab4f03aa249735d392fd94c4cfa1b3ee6db61f835c55c
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499836880]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.