'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-08-29 11:45:43.967539 2017-08-29 11:46:22.826907 38 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-08-29 11:45:44 2017-08-29 11:46:21

Errors

File Details

File name UPS-Receipt-003292358.zip
File size 342 bytes
File type Zip archive data
CRC32 D7852768
MD5 1cbcc2687177aa15fd75312909d45b6c
SHA1 0e29b46646b5e310581f680942d0d65b45e5cc8a
SHA256 313a9f6840de65d154c3836bb28c461bffd15fde9297b9daf1fdc7234b829ce9
SHA512 5739220a50bf9e1c9f037efb04f897492a2e206066ccabf4a533d54da2e8a620c4e76262acdd8826d3b48f7b2150bfa903cbe6640f80e409330d4709a83ed5a5
Ssdeep None
PEiD None matched
Yara
  • PM_Zip_with_js ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1504021588]=0): Snort Events=0, AV Events=0
Total Score=2

File intentionally breaks sandbox processing and looks highly suspicious

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Nothing to display.

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 456, Parent PID: 352

Volatility

Nothing to display.