'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-12 09:30:38.776208 2017-07-12 09:31:15.558209 36 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-12 09:30:39 2017-07-12 09:31:13

Errors

File Details

File name f64a3b3063cd67afbc862830cfd97be36036ac77.zip
File size 1476 bytes
File type Zip archive data
CRC32 991042C9
MD5 f44145562ad7ca9658d194307b653d7b
SHA1 f64a3b3063cd67afbc862830cfd97be36036ac77
SHA256 3f920e902a6ff6cd47bce559168c62c513d33379565912f26f9aeb438fca141a
SHA512 ad3bcdd54a2730ed72104abc110f535e31c1b346f19a711dba1333fba7aa077d5ab6d95dce91262b8115241604a00b2e854229ff37f00cae4ee51e68452b8f41
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1499866280]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.