Overview

overview

10

Static

static

3

05b5a1a535...bb.exe

windows7-x64

10

05b5a1a535...bb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05b5a1a5354201eb02051a8555a63d82e98766798f5739111c454103ca2599bb.exe

  • Size

    1009KB

  • Sample

    240612-rhznks1gmm

  • MD5

    a38109846c85c59384c9b71ef67f655d

  • SHA1

    211f659b70bf4abd6be8b742e156cc6d5c1d9e43

  • SHA256

    05b5a1a5354201eb02051a8555a63d82e98766798f5739111c454103ca2599bb

  • SHA512

    adc11e5871df6db8f5921ef803865a4611bc274bfef308a524cc7d00e9f4e81d2047ff984a90a6dc752c506246fc9ae141409c685e79d83185c577126729a19a

  • SSDEEP

    24576:Ld9Mrf7iaNVxowiTsJvJkI65s0o5bJQAoDy:ByTeFwWsJxkI660o5roW

Score
10/10
mimikatz

Malware Config

Targets

    • Target

      05b5a1a5354201eb02051a8555a63d82e98766798f5739111c454103ca2599bb.exe

    • Size

      1009KB

    • MD5

      a38109846c85c59384c9b71ef67f655d

    • SHA1

      211f659b70bf4abd6be8b742e156cc6d5c1d9e43

    • SHA256

      05b5a1a5354201eb02051a8555a63d82e98766798f5739111c454103ca2599bb

    • SHA512

      adc11e5871df6db8f5921ef803865a4611bc274bfef308a524cc7d00e9f4e81d2047ff984a90a6dc752c506246fc9ae141409c685e79d83185c577126729a19a

    • SSDEEP

      24576:Ld9Mrf7iaNVxowiTsJvJkI65s0o5bJQAoDy:ByTeFwWsJxkI660o5roW

    Score
    10/10
    mimikatz

    • Mimikatz

      mimikatz is an open source tool to dump credentials on Windows.

      mimikatz

    • mimikatz is an open source tool to dump credentials on Windows

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks