mimikatz | 48f1cef1f87eb91099bb196dc352d15f640cafc6d0f6284d2416dfcc8892f774

Analysis

max time kernel
117s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
28-08-2024 11:00

Target

c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe
Size

1.5MB
MD5

c6b7544e4620fbe15316a49e937e7fd5
SHA1

1e8ca5ba173ab5dae6323cc40026110de6fae6b0
SHA256

48f1cef1f87eb91099bb196dc352d15f640cafc6d0f6284d2416dfcc8892f774
SHA512

1ad9980ace7a4e6c9c781052bb9c99fc6c3dbeebb54f724c8f914bf1c3a1d4cae252834115e6394c6a132d5e8df61287c652afe515c7feb5e54ed2f617a18d19
SSDEEP

24576:8b+S0hOrjs772EcKow1VTTMq9brSKiRqaTFVC1GMRVsDT+qImGM:8KhOrjqVrfMq9nS22FVC1GaVbqImX

Score

10^/10

mimikatz

Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
mimikatz

mimikatz is an open source tool to dump credentials on Windows 2 IoCs

resource	yara_rule
behavioral1/memory/1264-0-0x00000000021B0000-0x0000000002281000-memory.dmp	mimikatz
behavioral1/memory/1264-5-0x00000000020E0000-0x00000000021AB000-memory.dmp	mimikatz

C:\Users\Admin\AppData\Local\Temp\c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe"
1⤵
PID:1264

memory/1264-0-0x00000000021B0000-0x0000000002281000-memory.dmp

Filesize
836KB

Download
memory/1264-5-0x00000000020E0000-0x00000000021AB000-memory.dmp

Filesize
812KB

Download
memory/1264-10-0x0000000000400000-0x0000000000589000-memory.dmp

Filesize
1.5MB

Download