Possible IOC

Disposition

Recommended action: Do not treat this as clean. Review the listed indicators, source, sender, and file hash before release.

This disposition is based only on facts present in the CAPE JSON. It is not a guarantee that a file is safe.

How This Was Determined

Malicious Indicators

No malicious indicators were identified by this script.

Possible IOC / Review Indicators

CAPE recorded network activity (22 network item(s)).
CAPE captured 3 dropped/related file(s).

Lower-Risk Facts

CAPE malscore is low: 0.
No YARA hits were recorded.
No CAPE YARA hits were recorded.
No ClamAV detection was recorded.

Important Notes

CAPE did not provide a malstatus value.
VirusTotal was unavailable in CAPE: Unable to complete connection to VirusTotal. Status code: 429

VirusTotal

Stored CAPE result: Unable to complete connection to VirusTotal. Status code: 429

Manual lookup: Open SHA256 in VirusTotal

File Details

File name	shexview.zip
File type	Zip archive data, at least v2.0 to extract, compression method=deflate
Size	73154
MD5	cf61b12ea9d5babbccf04cfdbf5c1ba1
SHA1	be95ad56132cf0c0071105fa5bb866c8b439abd0
SHA256	b0f5e6bea715be67460d24e4ffe5256297ffd990cc4f5bfa902f9d5af0d1196d
VirusTotal lookup	Open SHA256 in VirusTotal

Sandbox Run Details

Task ID	24
Started	2026-06-18 11:24:25
Ended	2026-06-18 11:25:19
Duration	54 seconds
Package	zip
Route	internet
Machine	cuckoo1
CAPE score	0.0
CAPE status

YARA / AV Indicators

Source	Rule / Detection	Description / Evidence
No YARA hits recorded.
No CAPE YARA hits recorded.
No ClamAV hits recorded.

CAPE Signatures

Severity	Confidence	Signature	Description
No signatures recorded.

Behavior Summary

Executed commands / child processes	0
File writes	0
File deletes	0
Registry writes	0
Created services	0
Started services	0
CAPE payload-like items	0
CAPE extracted configs	0
Dropped/related files captured	3
Network indicators	22

Executed Commands / Child Processes

None recorded.

File Writes

None recorded.

Registry Writes

None recorded.

Created Services

None recorded.

Started Services

None recorded.

CAPE Extracted Items

Payload-like Items

None recorded.

Extracted Configs

None recorded.

Network Activity

Network activity was recorded.

{'ip': '184.31.114.99', 'country_name': 'unknown', 'asn': '', 'asn_name': '', 'hostname': '', 'inaddrarpa': '', 'ports': [80]}

{'ip': '23.50.37.248', 'country_name': 'unknown', 'asn': '', 'asn_name': '', 'hostname': '', 'inaddrarpa': '', 'ports': [443]}

{'ip': '23.65.16.228', 'country_name': 'unknown', 'asn': '', 'asn_name': '', 'hostname': '', 'inaddrarpa': '', 'ports': [443]}

{'ip': '23.15.3.76', 'country_name': 'unknown', 'asn': '', 'asn_name': '', 'hostname': '', 'inaddrarpa': '', 'ports': [443]}

{'ip': '13.107.253.51', 'country_name': 'unknown', 'asn': '', 'asn_name': '', 'hostname': 'edge-consumer-static.azureedge.net', 'inaddrarpa': '', 'ports': [443]}

{'domain': 'edge-consumer-static.azureedge.net', 'ip': '13.107.226.51'}

edge-consumer-static.azureedge.net

204.79.197.203

150.171.27.11

23.39.51.204

Generated 2026-06-18T11:26:01 from /opt/CAPEv2/storage/analyses/24/reports/report.json