mimikatz | be8a9803c42da6bafcfaa6317c08a3a155eeca9853ab13ec0f472c48a8a598eb

Analysis

max time kernel
141s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
28-07-2024 21:40

Target

25955217bba0d9e78ea3c4aa9272ad3c_JaffaCakes118.exe
Size

10.3MB
MD5

25955217bba0d9e78ea3c4aa9272ad3c
SHA1

68d311f246f2fa03ebe510e218a0d6ff590e32df
SHA256

be8a9803c42da6bafcfaa6317c08a3a155eeca9853ab13ec0f472c48a8a598eb
SHA512

8437f9dd4fdd0dbff55f157a89898017d2a23a05c394f6539add7389467060354f9534690dbd169fbd27c8fe0da215654e281c17f5e61e583a2febc7494e27db
SSDEEP

6144:86TiU8liKTKCkj2UuE2cgyL6FVWqxry0iAn7O6KoTHPuZ:jbZniT3cXuy174Ot0uZ

Score

10^/10

mimikatz

Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
mimikatz

mimikatz is an open source tool to dump credentials on Windows 3 IoCs

resource	yara_rule
behavioral2/memory/3868-0-0x0000000140000000-0x0000000140141000-memory.dmp	mimikatz
behavioral2/memory/3868-1-0x0000000140000000-0x0000000140141000-memory.dmp	mimikatz
behavioral2/memory/3868-4-0x0000000140000000-0x0000000140141000-memory.dmp	mimikatz

C:\Users\Admin\AppData\Local\Temp\25955217bba0d9e78ea3c4aa9272ad3c_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\25955217bba0d9e78ea3c4aa9272ad3c_JaffaCakes118.exe"
1⤵
PID:3868

memory/3868-0-0x0000000140000000-0x0000000140141000-memory.dmp

Filesize
1.3MB

Download
memory/3868-1-0x0000000140000000-0x0000000140141000-memory.dmp

Filesize
1.3MB

Download
memory/3868-2-0x0000000000400000-0x0000000000E4D000-memory.dmp

Filesize
10.3MB

Download
memory/3868-4-0x0000000140000000-0x0000000140141000-memory.dmp

Filesize
1.3MB

Download