Cuckoo report is generated in JSON file. Interpretation of json value

371 Views Asked by Laxmi Bhagwat At 03 May 2021 at 18:19

After the analysis is done of Malware the following sample part is generated in the JSON file.

{
  "calls": [
    {
      "category": "system",
      "status": 0,
      "stacktrace": [],
      "last_error": 0,
      "nt_status": -1073741515,
      "api": "LdrLoadDll",
      "return_value": 3221225781,
      "arguments": {
        "basename": "atp",
        "module_address": "0x00000000",
        "flags": 0,
        "module_name": "atp.dll",
        "stack_pivoted": 0
      },
      "time": 1584287582.774751,
      "tid": 2396,
      "flags": {}
    }
  ]
}

What is "time": 1584287582.774751 in this json file?

Original Q&A

There are 1 best solutions below

oalieno On 16 July 2021 at 04:10

The time field uses the UNIX timestamp format, which represents the number of seconds that have passed since January 1, 1970. (UTC). You can search for online tools, such as https://www.unixtimestamp.com/, to help you decode.

1584287582.774751 means Sun Mar 15 2020 15:53:02 GMT+0000

Based on the JSON you posted, I guess the time field here refers to the time when the LdrLoadDll API was called.

Cuckoo report is generated in JSON file. Interpretation of json value

There are 1 best solutions below

Related Questions in JSON

Related Questions in TIME

Related Questions in CALL

Related Questions in BEHAVIOR

Related Questions in CUCKOO

Trending Questions

Popular # Hahtags

Popular Questions