mimikatz | 417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632 | Triage

Submit
Reports

Overview

overview

Static

static

3

417c70e912...32.exe

windows7-x64

417c70e912...32.exe

windows10-2004-x64

Sharing

General

Target

417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632.exe
Size

1.1MB
Sample

240612-wbxmvsxelm
MD5

bceaadd320aaa1bc88b2e670b6ea4e16
SHA1

8cb2d9312eb4c8beea071f692b55c5f1a2a38fea
SHA256

417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632
SHA512

71938de64075cb5aaad692529c7aea612ada995c11d71b8e917a703b416b68d643628e1e5aba89c3a0e58f3ce5b5e31cdefa179227d2340ce2425b0e557c979d
SSDEEP

24576:Ld9Mrf7iaNVxowuT2hn4VXlM0fDfJN0KfMrw:ByTeFw6W4V11fDfvurw

Score

10^/10

mimikatz

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632.exe

Resource

win7-20240611-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632.exe
- Size
  
  1.1MB
- MD5
  
  bceaadd320aaa1bc88b2e670b6ea4e16
- SHA1
  
  8cb2d9312eb4c8beea071f692b55c5f1a2a38fea
- SHA256
  
  417c70e912ee8b64ae8ace9044c5ce86f5679b38dc87cb6934c7fdb11d4b0632
- SHA512
  
  71938de64075cb5aaad692529c7aea612ada995c11d71b8e917a703b416b68d643628e1e5aba89c3a0e58f3ce5b5e31cdefa179227d2340ce2425b0e557c979d
- SSDEEP
  
  24576:Ld9Mrf7iaNVxowuT2hn4VXlM0fDfJN0KfMrw:ByTeFw6W4V11fDfvurw
Score

10^/10

mimikatz
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy