Category FILE
Started On 2018-03-19 08:24:40.235123
Completed On 2018-03-19 08:26:39.329040
Duration 119 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2018-03-19 08:24:42
Shutdown On 2018-03-19 08:26:39

File Details

File name 308a0bf4ac903ed8ec0f8dbdc5ec65bf81cdfe3c.exe
File size 32398976 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 31A97E94
MD5 1012e72d20ce073f5eb4ddfece9710d1
SHA1 308a0bf4ac903ed8ec0f8dbdc5ec65bf81cdfe3c
SHA256 dedd576bf2ccb2af9ddab2688aaf19c2e7d79ec1073e8a7bf3ef64d342624df3
SHA512 aafb00db920a1694a32bbac75e039518b6fe105a7385efca1f2ddace57af66cf0e620088732d4d0ae5ded056b1835825c5982561908d86507257aeef40bbad22
Ssdeep None
PEiD None matched
Yara
  • Str_Win32_Http_API (Match Windows Http API call)
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1521462424]=0): Snort Events=0, AV Events=0
Total Score=75

Signatures

antivm_queries_computername
console_output
has_pdb
antivm_memory_available
pe_features
raises_exception
create_process_suspended
openprocess_nonchild
Roaming_Profile_Modified
allocates_rwx
antivm_disk_size
creates_shortcut
has_wmi
stealth_window
antivm_network_adapters
packer_entropy
privilege_luid_check
uses_windows_utilities
injection_duplicate_handle
injection_resumethread
Windows_Proxy_Tinkering

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings