Category FILE
Started On 2017-07-30 18:26:24.509393
Completed On 2017-07-30 18:26:58.051807
Duration 33 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-07-30 18:26:24
Shutdown On 2017-07-30 18:26:56

Errors

File Details

File name e7ae575745612d3f57e04b382b451c5d5464a587.zip
File size 1199 bytes
File type Zip archive data
CRC32 C246A7E9
MD5 423695ae56a7ed8561b9ad77bdcd7afb
SHA1 e7ae575745612d3f57e04b382b451c5d5464a587
SHA256 ee5489487425f183150d834a49f1b034c9c2b47562f0f92b87a84a5cbd89027f
SHA512 8b30e7ba4e4d303a93bdedbcfe946fb9314e4d24021d9ce1a2b99fa46cd99b8eee041a81d1aca5270dea05ad1bf8973ba0cec47ff1996590a3306ff39383ed70
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1501453621]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.