mimikatz | c7d5c2d7df032671544a0974fb292e2131b541469ef1daf9c103c1a534a8ee60 | Triage

Submit
Reports

Overview

overview

Static

static

infected.zip

windows10-2004-x64

9

Sharing

General

Target

infected.zip
Size

11.4MB
Sample

230226-14sxlaaf48
MD5

20378da4066af3d5b0ac9f0d6879e752
SHA1

b6486b33e22c02ee93d32200f2f4f4dbb2dcc08d
SHA256

c7d5c2d7df032671544a0974fb292e2131b541469ef1daf9c103c1a534a8ee60
SHA512

9cc56049ab71c2df9f41f9faa5b30848d33721d1911bca2190ed2a0fae4e54ff959568362a0f0769f985660cab7035816e8cebc30ae35997238b07c671510a31
SSDEEP

196608:W/yaLXILj6fFsb16m9kGRii2BSe2qE3LsGqjRGPnosvg93p9N0MY/6FGD2TDY:W/fSj0ebv2G2MJqE389GPnPvgb0Mz4Z

Score

10^/10

mimikatz cryptone packer upx

Static task

static1

cryptone packer upx mimikatz

5 signatures

Behavioral task

behavioral1

Sample

infected.zip

Resource

win10v2004-20230220-en

cryptone packer upx

windows10-2004-x64

9 signatures

1800 seconds

Malware Config

Targets

- Target
  
  infected.zip
- Size
  
  11.4MB
- MD5
  
  20378da4066af3d5b0ac9f0d6879e752
- SHA1
  
  b6486b33e22c02ee93d32200f2f4f4dbb2dcc08d
- SHA256
  
  c7d5c2d7df032671544a0974fb292e2131b541469ef1daf9c103c1a534a8ee60
- SHA512
  
  9cc56049ab71c2df9f41f9faa5b30848d33721d1911bca2190ed2a0fae4e54ff959568362a0f0769f985660cab7035816e8cebc30ae35997238b07c671510a31
- SSDEEP
  
  196608:W/yaLXILj6fFsb16m9kGRii2BSe2qE3LsGqjRGPnosvg93p9N0MY/6FGD2TDY:W/fSj0ebv2G2MJqE389GPnPvgb0Mz4Z
Score

9^/10

cryptone packer upx
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

cryptonepackerupxmimikatz

behavioral1

cryptonepackerupx

© 2018-2024

Terms | Privacy