'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2017-11-02 13:17:43.605850 2017-11-02 13:19:05.774896 82 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo win7 Clone 1 VirtualBox 2017-11-02 13:17:46 2017-11-02 13:19:04

Errors

File Details

File name 568a81caa28f97c5_robloxplayerbeta.exe
File size 10485775 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 0516C502
MD5 88cd0b4657d47cd54ac56ddeefc17594
SHA1 56bbe8acca88859f822c578282a920339ce6d20f
SHA256 9651980ebfa9e6e7a9932c05906d25c3f0c2f5131216ea05a65dd81d520e670a
SHA512 8b0a155c8427c4daad67b22fd8481aae18c5c31ecf01e150f9f05d63769d8624355116b12b925b8d8539f0efce1654545004c6130078cd60f2c044f2a82ceafc
Ssdeep None
PEiD None matched
Yara
  • GenerateTLSClientHelloPacket_Test ()
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=50, Anomalies=0, PEiD=0, Yara=2, VT[1509643153]=0): Snort Events=0, AV Events=0
Total Score=50

Signatures

pe_features details
packer_vmprotect details

Screenshots

No screenshots available.

Static Analysis

Sections

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

ICMP requests

Behavior Summary

Processes

registry filesystem process services network synchronization

C:\Windows\system32\lsass.exe PID: 480, Parent PID: 384

Volatility

Nothing to display.