Category FILE
Started On 2017-07-30 07:11:23.476083
Completed On 2017-07-30 07:11:58.453208
Duration 34 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-30 07:11:23
Shutdown On 2017-07-30 07:11:56

Errors

File Details

File name 0844f78b222cc03e2d4af7fc167f91ce8aa79096.zip
File size 1170 bytes
File type Zip archive data
CRC32 AB44AC82
MD5 c7355fc4e6138069f14bbc8975b48c70
SHA1 0844f78b222cc03e2d4af7fc167f91ce8aa79096
SHA256 5cdd04bd624cb5d4907013fefd1507b3cc549225153764f3b5a87dc0f71a04f0
SHA512 7db0bbd712193f53347706542afbf2e66bf4dd936ed28004bee431f99d1163e826a7dc1156f549138647b0538f6201c9046a2e7b9f9d78e450e79f756c15d062
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1501413122]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.