mimikatz | c585cb1e9e41a7e5e0c8db0eac0e2f5dd40660a103b4e6ca0af92790ef1eac01 | Triage

Submit
Reports

Overview

overview

Static

static

3

f1adfa9195...18.exe

windows7-x64

1

f1adfa9195...18.exe

windows10-2004-x64

Sharing

General

Target

f1adfa919518d16988ce67533625812a_JaffaCakes118
Size

742KB
Sample

240922-kqwtbs1cpn
MD5

f1adfa919518d16988ce67533625812a
SHA1

382b5a19a01da21eb98c28745962b3aeafcca86d
SHA256

c585cb1e9e41a7e5e0c8db0eac0e2f5dd40660a103b4e6ca0af92790ef1eac01
SHA512

e864de465d5072e192c03345fd72f8fa92667feea1b2fca6042c29b8b669c7d6d820b2930fda0101f25e94edb032b36b1bd2a850da65e3288c9a32e22a1aba7d
SSDEEP

12288:WZn/ydyo+MlaPpIMjTDjsbnxwdfD5i7lE2hPYR90/LMqeyBY1UFQQN46+qs:Wn/iP+McjTPWxwdQ/WR9coqJix6+qs

Score

10^/10

mimikatz

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f1adfa919518d16988ce67533625812a_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1adfa919518d16988ce67533625812a_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f1adfa919518d16988ce67533625812a_JaffaCakes118
- Size
  
  742KB
- MD5
  
  f1adfa919518d16988ce67533625812a
- SHA1
  
  382b5a19a01da21eb98c28745962b3aeafcca86d
- SHA256
  
  c585cb1e9e41a7e5e0c8db0eac0e2f5dd40660a103b4e6ca0af92790ef1eac01
- SHA512
  
  e864de465d5072e192c03345fd72f8fa92667feea1b2fca6042c29b8b669c7d6d820b2930fda0101f25e94edb032b36b1bd2a850da65e3288c9a32e22a1aba7d
- SSDEEP
  
  12288:WZn/ydyo+MlaPpIMjTDjsbnxwdfD5i7lE2hPYR90/LMqeyBY1UFQQN46+qs:Wn/iP+McjTPWxwdQ/WR9coqJix6+qs
Score

10^/10

mimikatz
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy