General
-
Target
66294d68d1282caeb10c8746d444083e_JaffaCakes118
-
Size
307KB
-
Sample
240522-f7hktadd62
-
MD5
66294d68d1282caeb10c8746d444083e
-
SHA1
a503f511728783e05a75e92ce22bb7e0ff011be3
-
SHA256
a955a82cddab2d197579c48b634bb713ca35c19b718058e5adb7179b9cf4a732
-
SHA512
b4cdccaa7c2ffc094561952ffaa4d03a9b689f1a4c72817b89457bc349d73958143b76195a8afbfbff90619c6a20730b9c8ff408224b5fb50892eea9e8eba535
-
SSDEEP
6144:8zeF4M198vCsvgcdXcyfUSnE3KWBQd4Dx+bvUq/XVZoHFz:8zlvjIc9Dftjxdo+4q/lqd
Malware Config
Targets
-
-
Target
Petya.dll
-
Size
353KB
-
MD5
71b6a493388e7d0b40c83ce903bc6b04
-
SHA1
34f917aaba5684fbe56d3c57d48ef2a1aa7cf06d
-
SHA256
027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745
-
SHA512
072205eca5099d9269f358fe534b370ff21a4f12d7938d6d2e2713f69310f0698e53b8aff062849f0b2a521f68bee097c1840993825d2a5a3aa8cf4145911c6f
-
SSDEEP
6144:y/Bt80VmNTBo/x95ZjAetGDN3VFNq7pC+9OqFoK30b3ni5rdQY/CdUOs2:y/X4NTS/x9jNG+w+9OqFoK323qdQYKUG
Score10/10-
Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
-
mimikatz is an open source tool to dump credentials on Windows
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-