Category FILE
Started On 2017-07-30 13:51:24.043725
Completed On 2017-07-30 13:52:01.019585
Duration 36 seconds
Cuckoo Version 2.0-dev
Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-30 13:51:24
Shutdown On 2017-07-30 13:51:59

Errors

File Details

File name 5e82f1e75b37cc2f1ce66bb8582fa384ee6e7943.zip
File size 1167 bytes
File type Zip archive data
CRC32 FCADA217
MD5 f3eaf85af215cdc4d77220a74b19f756
SHA1 5e82f1e75b37cc2f1ce66bb8582fa384ee6e7943
SHA256 164b34ef348e8d5dadbd3979462bed5bf67bf86270ee49a4a6c623b1f9066c79
SHA512 1f4d44ad06f466b9be4f519692be99ea952af7cf69c7bbca4ffa6b6693340e48ca88d646086575f34479391ea4760518dac3d2065cb11cff1b31a26e32798741
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1501437123]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.