'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-07-30 18:01:23.484240 2017-07-30 18:01:59.079870 35 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-07-30 18:01:23 2017-07-30 18:01:57

Errors

File Details

File name fdf445a68514a51818a2888e98542e252643f808.zip
File size 1161 bytes
File type Zip archive data
CRC32 D01955BE
MD5 baa8bad25e31344a5180789a9590a646
SHA1 fdf445a68514a51818a2888e98542e252643f808
SHA256 31b608000f49a40e861161e92efd44345cf4ab774ffb85623f790218e9607ae0
SHA512 a264edf7b271069487b40f28717c22d1b83c893a10f0cf529a34e1a8791e11d72e85cd440418f1548cc45f3ad1193f9438bc1650614fa920f5ad53382c9ae551
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1501452123]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.