Category FILE
Started On 2017-11-01 00:42:25.576195
Completed On 2017-11-01 00:44:17.210811
Duration 111 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-11-01 00:42:26
Shutdown On 2017-11-01 00:44:17

File Details

File name ba4b82cf2ff85f66e4b9ddd6eac00e111ded4ec4.exe
File size 1643512 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 6CA2E420
MD5 bfd99dcd8ba8dc91290e000848097d30
SHA1 ba4b82cf2ff85f66e4b9ddd6eac00e111ded4ec4
SHA256 2b8c8978d7e51106ba0da53119585ba3794bed37fc361cb3513d311e7b42c725
SHA512 ed8998804dbc9676d417d0e1b89be6e3bb6e73dd6f7e5afce96c7f8688fdf9e1c51dee4a156695414c73f23b1f6f3af8199f42698a8cef8d6da108c6268280e9
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2017-11-01 03:46:41
Detection Rate: 15/67

MetaFlows Scores

Metaflows Analysis Results (Signatures=0, Anomalies=0, PEiD=0, Yara=2, VT[1509511465]=100): Snort Events=0, AV Events=0
Total Score=100

Signatures

has_pdb

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

Behavior Summary

Processes

C:\Windows\system32\lsass.exe PID: 480, Parent PID: 384

Volatility

Nothing to display.