General

  • Target

    489670c30fbaad_JC.exe

  • Size

    12.6MB

  • MD5

    489670c30fbaad755e955b50ac3618b4

  • SHA1

    e2b72724a18e1e797af03f92ba533738cf0bf666

  • SHA256

    ce5b7d31d0a453cde1ee9793068fda749f496644bd6862b6c95e5eeb5f0e8ec5

  • SHA512

    d30d4418ba2f2b8f282dcb308a8e80e609d9aafc333669ea877b561adf8e01008fdf8491d6b8fe690f2a9802df80796b85c4b4020a83895c0ad39a28ea722d60

  • SSDEEP

    98304:YmBtyYXmknGzZr+HdO5SEPFtmOZ9G1Md5v/nZVnivsAl0eXTBJYa5roSCaa:I6mknGzwHdOgEPHd9BbX/nivPlTXTYr

Score
10/10

Signatures

  • Mimikatz family
  • mimikatz is an open source tool to dump credentials on Windows 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • 489670c30fbaad_JC.exe
    .exe windows x86

