mimikatz | 48f1cef1f87eb91099bb196dc352d15f640cafc6d0f6284d2416dfcc8892f774

Analysis

max time kernel
135s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
28-08-2024 11:00

Target

c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe
Size

1.5MB
MD5

c6b7544e4620fbe15316a49e937e7fd5
SHA1

1e8ca5ba173ab5dae6323cc40026110de6fae6b0
SHA256

48f1cef1f87eb91099bb196dc352d15f640cafc6d0f6284d2416dfcc8892f774
SHA512

1ad9980ace7a4e6c9c781052bb9c99fc6c3dbeebb54f724c8f914bf1c3a1d4cae252834115e6394c6a132d5e8df61287c652afe515c7feb5e54ed2f617a18d19
SSDEEP

24576:8b+S0hOrjs772EcKow1VTTMq9brSKiRqaTFVC1GMRVsDT+qImGM:8KhOrjqVrfMq9nS22FVC1GaVbqImX

Score

10^/10

mimikatz

Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
mimikatz

mimikatz is an open source tool to dump credentials on Windows 2 IoCs

resource	yara_rule
behavioral2/memory/2116-9-0x0000000000790000-0x000000000085B000-memory.dmp	mimikatz
behavioral2/memory/2116-0-0x0000000000D80000-0x0000000000E51000-memory.dmp	mimikatz

C:\Users\Admin\AppData\Local\Temp\c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\c6b7544e4620fbe15316a49e937e7fd5_JaffaCakes118.exe"
1⤵
PID:2116

memory/2116-9-0x0000000000790000-0x000000000085B000-memory.dmp

Filesize
812KB

Download
memory/2116-0-0x0000000000D80000-0x0000000000E51000-memory.dmp

Filesize
836KB

Download
memory/2116-10-0x0000000000400000-0x0000000000589000-memory.dmp

Filesize
1.5MB

Download