mimikatz | 4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b | Triage

Submit
Reports

Overview

overview

Static

static

1

4c9a0ece13...2b.dll

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b.dll
Size

353KB
Sample

230817-v155vsbc63
MD5

79eb12d6315c7956b974fa40052e4bfb
SHA1

f152b026176d4eb1819cd55e7ace77c9cb3c3796
SHA256

4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b
SHA512

776986f14d9d7550c4893903465019b5b403c5f861ee4bbcf082098b1a3f542c0fa51be338a44b90e86d484664c35b7d131147111aac00f0ff167ee56aebc670
SSDEEP

6144:y/Bt80Vm6TBo/x92ZjAetGDN3VFNq7pC69OqNoK30b3ni5rdQY/CdUOs2:y/X46TS/x9KNG+w69OqNoK323qdQYKUG

Score

10^/10

mimikatz bootkit persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b.dll

Resource

win10-20230703-en

mimikatz bootkit persistence spyware stealer

windows10-1703-x64

17 signatures

300 seconds

Malware Config

Targets

- Target
  
  4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b.dll
- Size
  
  353KB
- MD5
  
  79eb12d6315c7956b974fa40052e4bfb
- SHA1
  
  f152b026176d4eb1819cd55e7ace77c9cb3c3796
- SHA256
  
  4c9a0ece13359d9bd8afe0c62331c07c0dee952f8926aaf0f57e1defc3717c2b
- SHA512
  
  776986f14d9d7550c4893903465019b5b403c5f861ee4bbcf082098b1a3f542c0fa51be338a44b90e86d484664c35b7d131147111aac00f0ff167ee56aebc670
- SSDEEP
  
  6144:y/Bt80Vm6TBo/x92ZjAetGDN3VFNq7pC69OqNoK30b3ni5rdQY/CdUOs2:y/X46TS/x9KNG+w69OqNoK323qdQYKUG
Score

10^/10

mimikatz bootkit persistence spyware stealer
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Deletes itself
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Pre-OS Boot

Bootkit

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mimikatzbootkitpersistencespywarestealer

© 2018-2025

Terms | Privacy