Category FILE
Started On 2017-12-03 00:49:04.846981
Completed On 2017-12-03 00:49:42.674578
Duration 37 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2017-12-03 00:49:05
Shutdown On 2017-12-03 00:49:42

File Details

File name 0c1d8cde7bc5dfeaca931973e6da5b1927e15fd3.exe
File size 4181662 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
CRC32 DB00678D
MD5 04bea9e98f4359e1b35961b39665a259
SHA1 0c1d8cde7bc5dfeaca931973e6da5b1927e15fd3
SHA256 bcfa4f1a26bda798449666543b68b229c32b1788cc53b813eb958f5a996a90cf
SHA512 e3962e7855a03fcc3daeaa61d1c69c3d0b6927b5a36d6867051ad9c822aef509e49be85b97f326e406f4a7550beaf91100f6002d0634a7ebb9327cfce054941a
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2017-11-27 17:22:26
Detection Rate: 3/67

MetaFlows Scores

Metaflows Analysis Results (Signatures=50, Anomalies=0, PEiD=0, Yara=2, VT[1512280249]=0): Snort Events=0, AV Events=0
Total Score=50

Dropped File/Buffer Yara Signatures:
6de471c56b8bfb96_aften.exe: spyeye

Signatures

antivm_memory_available
pe_features
allocates_rwx
antivm_disk_size
creates_doc
overwites_files
packer_entropy
antivm_vbox_files
antivm_vbox_files

Screenshots

No screenshots available.

Dropped Files

e3b0c44298fc1c14_nsqFA44.tmp

2ffe1ac2555e822b_FindProcDLL.dll

331ca4b3a311324b_LangDLL.dll

87e554f323a6b81e_modern-header.bmp

ee13539f3d66cc05_modern-wizard.bmp

86c8ee210e661138_nsDialogs.dll

c2f405d7402f815d_System.dll

53bb519e32931649_w7tbp.dll

551b4333552bee34_valencian.lng

b32474013df7019b_polish.lng

911724fe0ca93caf_dspeech.exe

b47ce14e6c29771f_french.lng

e85355cfe11a26d9_opusenc.exe

b06b53681ea0ba09_favicon.ico

cf7718e82afa1af0_readme.txt

4dd2883e6eb9790c_history (fra).txt

d6b4f489cc20210e_manual (ptg).txt

174962646de4d541_chinese (cht).lng

cea8f5ec27376e58_selena.ia

4aad60db039ffe26_accents.tab

a995e9dba4288710_manual (tur).txt

5522157982022675_epub.tab

189b1af95d661151_launcherlicense.txt

0f3f5e1a0193eda5_manual (jpns).txt

2106ddd7ed2a8f10_japanese(win2k).lng

ec95fdd835fcaef4_appicon_32.png

121615f17ac91d3f_help.html

55069cf14b83f13c_italian.lng

8e2c791cb874ec78_manual (eng).txt

70323da3d502d398_pac_installer_log.ini

96cfca7a080f9875_romanian.lng

e5b01accc8f4a046_history (ita).txt

88c0749cc9ca14cc_help_background_footer.png

5d1394aad8b85e1f_german.lng

58053a49f7c9d07f_appnameportable.ini

489884b45e71a3a2_lame.exe

cf2298246560bde0_license (rus).txt

6de471c56b8bfb96_aften.exe

719ef00ef040f097_manual (rus).txt

2b1189290b6a1608_russian.lng

65e8179931655216_appinfo.ini

9abc52858ae4ddda_donation_button.png

0ad399020728b9f8_dspeech.ini

f6a403b191ba4e2c_manual (fra).txt

46a1d50a869dc7e2_help_logo_top.png

21da591661e6bb6f_manual (rus).pdf

a35d5a4507404107_manual (ita).txt

f3cdedb68fa9cd6c_turkish.lng

f7ef681a81ba468a_neroaacenc.exe

0d81e2ae44ed83c1_appicon_128.png

d12a1f00aa782538_dspeechportable.ini

def5712364f8a1fe_installer.ini

1b29bb52d8c568a5_clear skype log.tab

5f14ecbc922c8c86_appicon_16.png

8d97de2cd9877191_license (eng).txt

ea1ed797653fef8c_speexenc.exe

bd325ccc00f5cd23_appicon_75.png

75e77756f6f67256_license (fra).txt

7c439eab3ff3ff58_oggenc.exe

c9121c33668c360c_japanese.lng

515df90eb93d7212_catalonian.lng