mimikatz | 9e7dd7d767208b92d37bf5dd87be7cd1b1705d8c311852d0717f213250231529 | Triage

Sharing

General

Target

0175869e82458bfce0239e1ce1ee561a_JaffaCakes118
Size

18.4MB
Sample

240930-p872jawgmj
MD5

0175869e82458bfce0239e1ce1ee561a
SHA1

3da6296e8a6be21e67357b0f072c23542db167e5
SHA256

9e7dd7d767208b92d37bf5dd87be7cd1b1705d8c311852d0717f213250231529
SHA512

480a827a2c0f0dcc1a4080e77bbb3f2ff8587a6d0a9e313e8f5f81fbfb94b6f61d833909aed60adf5e84bb2b2e46a6aa41f79d482e92c1c8674ab534114abf53
SSDEEP

393216:c1JJNsQItuTNGH5msaebLZQxazNjhfhJVgCD32uQAXB3ncFmi4e7VUoCpBVRyp61:c9NyFMsjQWNdhJVgCDmuQAR3n8HnZC28

Score

10^/10

mimikatz execution

Malware Config

Targets

- Target
  
  Covenant-master/Covenant/API/CovenantAPI.cs
- Size
  
  1.0MB
- MD5
  
  6f7408bc7dd570c54ab43cddb087ee23
- SHA1
  
  fe45f7e06eac5d1fb7390f0ad62dd1cd33eb5170
- SHA256
  
  5faf694437bd96e7ba7d6a751bb039ab17fdf3b794ceb6902e3151dc4f5149a0
- SHA512
  
  cb05cdcee43d770262c2511f85b31e897a219f07dc190dfe07e6b0f5d7adff3d3a521f871b2335e7b79042bd65f648ab8f4bb02e2a918a421d50b19492ebf58a
- SSDEEP
  
  1536:/UlKluMIRE2nqWYNMaC902r9UTWMn4SVNhaOM+MXCrX9+lt/ieGcO9o6/urVKGos:MU877X+8ezrT+8ebhw0aUsLc
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  Covenant-master/Covenant/Components/CovenantUsers/CovenantUserTable.razor
- Size
  
  3KB
- MD5
  
  7743cf11dbdf1ca0fabedf2bbaa9e53e
- SHA1
  
  110cab9f89cdc1ba5fbb939b6805f1037cac7218
- SHA256
  
  3d5c25d7736fd9f5b86685961bc597b6c2662f21cf149eb63a3fd503b05fd9a6
- SHA512
  
  e3bdfcd400732ea542201f3f7d0dffced946aae827b883d3d82f4bf32ada733a1e1ec335434617903d15195f3ed5644c5d7aa0c902ab145c4261e7a339079b8b
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Covenant-master/Covenant/Components/CovenantUsers/CreateCovenantUser.razor
- Size
  
  1KB
- MD5
  
  df279e4c32ad509f3908090ef2c61709
- SHA1
  
  bb33a7f704cea1f699a3530b8f0b3292ddbae247
- SHA256
  
  69134ed232b07e49eb088a97029fa4e41b8eb484564f1d6bff372814135213c0
- SHA512
  
  298dceddca80f34d7529252c8bb5b90c80e450c323a79f0c234d04cd445db5f5418ee5bc64f052ac88b0dd15471dc7184cc0bb6817328b14b806934bc503f794
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Covenant-master/Covenant/Components/CovenantUsers/EditCovenantUser.razor
- Size
  
  4KB
- MD5
  
  fc8c90c198718090ec043c038acdae16
- SHA1
  
  ce2be5d779cecc7678a13506e2006a5b8005948d
- SHA256
  
  ca192c3b2e51f1397db9d2cc461e3dcd6fcd522957d68c80beed43ee3ea9edb8
- SHA512
  
  0764e8999001f5f66f2ca089e5eff699d10bee4c5e4a35a97a81fb56ad58e6b56f14b3794861ac94667cfc4fdc1ccef3cb31b75e56e1b90e1eff7560295bade3
- SSDEEP
  
  96:mCUGUjvUjn/w4wdwR9MzwW6i9p5XCH1IOmXkrgkq+Jr+ne8xwGGkrHeqg:mfc/w4wdwnMzwW6ir5ykogl+Jr+n/xwX
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Covenant-master/Covenant/Components/CovenantUsers/EditCovenantUserRolesForm.razor
- Size
  
  2KB
- MD5
  
  57eb40332cafa21d95d25c8072d233c1
- SHA1
  
  c294a00ab444b077f55e645aff0a2d16da82b28f
- SHA256
  
  d4a3449bd21a9a536e1e1803e0726711027203fdf9488d2e914a1799372f5136
- SHA512
  
  9a4dc077dffb520794f1a451fec24715b5e0585da07efc5cb0d5d482ac4f8410a335907bb26ad1d2be9d9efb995559967be1c3a09a56216e2febd7284fbf67a8
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Covenant-master/Covenant/Components/CovenantUsers/RedirectToLogin.razor
- Size
  
  478B
- MD5
  
  f8f7afe559cba5dd7a3325b52b3fa52d
- SHA1
  
  a42eec2833eb7d22ffa5150ea00a67ad2581e4d0
- SHA256
  
  dd62173714b79528d0d2999fbec94dbb8713b53984badaa7e6607cde012d0a7d
- SHA512
  
  1c681721a25299a1a1b26ada08d834a281d4af7bb60912cb6e00467d2e3602e10e8111f4c18f7890f1bf542b0364780c0ef6bbf5be9ab3ebc63a73c713d5a48f
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Covenant-master/Covenant/Components/EmbeddedResources/CreateEmbeddedResource.razor
- Size
  
  1KB
- MD5
  
  e471371b18f6738c872bf4327c1add38
- SHA1
  
  98dcd71df6dafc501d703f1ec03eb9a562edefc2
- SHA256
  
  b2eba86321585bf4014fb6187b1559c034409363ad11f706c14357fa73ad5e7d
- SHA512
  
  0c46bb0353cf69137fef8b32bc70c2b662fd9c6f2b721f8a73da38f0684e7f29020288fc5b6d2358af802517fbbff1fad26517464fd03e7414e812114471b835
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Covenant-master/Covenant/Components/EmbeddedResources/EditEmbeddedResource.razor
- Size
  
  1KB
- MD5
  
  6540f89c44f41a54590bdfae25c169c5
- SHA1
  
  14a377b47138e75d2d541ffa598c2efb02b8ff5a
- SHA256
  
  daa2299108f70feb69a98a48800de046a9dc9671d10a9c0448812a23159ea5ed
- SHA512
  
  a6b1adb7cbd8807d473c9052016328a7a828471155409f2f9365def97ad4746b17ab68f1207121d41a4c92064ed486503df669070f974141a479f8a04b214572
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Covenant-master/Covenant/Components/Events/DownloadEventTable.razor
- Size
  
  2KB
- MD5
  
  9abc7a61797b146738b8ec874bc3989e
- SHA1
  
  2c3cf7265633dcc945d7cf0ac3b9d2be8431f244
- SHA256
  
  500370cf5cbb8d3cea4f4d52661f25f1f6a40ad290056a3f7221f18774a4609f
- SHA512
  
  5bae8fd954c40358651622d466a19d5997a77bf2f41116937e188042ca855d5dd3b8eee1d70fc27ae240428d77727041a6095d996ff4daab529e459a424405f8
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Covenant-master/Covenant/Components/Events/ScreenshotEventTable.razor
- Size
  
  2KB
- MD5
  
  bbd7cdc5ac736b6838ee93cf2c4925c3
- SHA1
  
  9092c8e50931ae0e8fa612cecfc5413bef0fd6fd
- SHA256
  
  1d65a4487484cc6d57af75612648d01384585c687a317d216e50c9dea2e13545
- SHA512
  
  4fb714eed1a8b7a91e5a61d536731312649a5f7ccabbddd482d4557ea1205a8760fcc39202b81331c1ed29c30f841cb2307c6fb9b2bf0bc150d127ac169e2b53
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Covenant-master/Covenant/Components/GruntTasks/CreateGruntTask.razor
- Size
  
  1KB
- MD5
  
  09c7e69f0f3c16fb87a7723408892638
- SHA1
  
  167ee354a57a4b4a0f8191542cda0b39503d2af6
- SHA256
  
  4563bbeeb04568d763d54405fe987f8529c320c9d9f65666f3d345d947219bd5
- SHA512
  
  02713ab4cc2e327529ef86b97756fe65d4b8f48511506390fed0bb647335469b8504c9e1010105cd448091b31ec7ccd1b4a2702fb9d59d1e2f9daa49992eb8fa
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Covenant-master/Covenant/Components/GruntTasks/EditGruntTask.razor
- Size
  
  1KB
- MD5
  
  3ff11cbebbd85e4f474b3e8253b89b94
- SHA1
  
  1b4e60ed30981816ef6310c103cbd572264fee26
- SHA256
  
  0b83654c0141a3fa1f2b4cc226f4e419acefa7c4d8282a6634ec13ec913adc6b
- SHA512
  
  98fef36e3193bb469ccdb4d70ccf92b039ed3746d97acbfb534621e7a3adccde8931897b09fa30879fc3fe6598bd1fb75b15f96f8e09063925e464e94b619e04
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Covenant-master/Covenant/Components/GruntTasks/GruntTaskForm.razor
- Size
  
  23KB
- MD5
  
  c6be2777a7b1a1041de7b6bddfa9c752
- SHA1
  
  cbea955e8224fce2d87a95a6f19e906954b3fe17
- SHA256
  
  dae7cab40bf65c34d27778e22e53ce3cd53465b64f72bbdb50d9dd45bd86ffef
- SHA512
  
  19eb83cfe33e9e1e0e7195020c7c49c286875a940538f23f7f513366fb79e5a93b7caccca4531e5c89fa2d25f55a21390867edbd284dcd26bcd287579749b9b0
- SSDEEP
  
  384:Tlj4WBlA/BXs29+5RQpL/83av6sVdsW0wUt7vxlRevU:ToReUU
Score

1^/10
behavioral25 behavioral26
- Target
  
  Covenant-master/Covenant/Components/GruntTasks/GruntTaskIndex.razor
- Size
  
  7KB
- MD5
  
  d4fe5c1113e5c4d0824d93a5d82f363f
- SHA1
  
  ce35ab3cbb23141b476307838a9ff4fb25477e37
- SHA256
  
  bb282b7cbc33ab6c33106674dc22dc9f1d973d1e9f066f6c94863c822b44d13f
- SHA512
  
  42da3002e3e8982bec8a1685e581d2a3cfced4b54523e4ef729d0afb4aa93f125bf4f9abd8e0940a706ade1ee9802e8e95e10883d8a449fcf48995d7bd5b32c7
- SSDEEP
  
  192:1C1u82sLgL12lhtdjmkSlyq4ma9RAdjc6JUyg8P07/9nJcCfbfGWL:1CM8XY2LFAwKc6MQ0D9Jlx
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Covenant-master/Covenant/Components/Grunts/GruntInteract.razor
- Size
  
  7KB
- MD5
  
  9bf63b4a075742cdfac771890eab472d
- SHA1
  
  e1dd564e8743e86a7e964784148a695dc6d10972
- SHA256
  
  2cdd2e4bfdc9d1031084913897f050ee3a8ce9ed2da637964cd291c0111c53f8
- SHA512
  
  0e820534615a7683d8df36d93619f657c4f922de3ffcadacd5248ac28e27bf9797a58d591357a7d2302815f15c5197b85c9a20f3ae1bd5d601b8ae63cd591ea6
- SSDEEP
  
  192:15u8cQDqLjOq2lfje9bj13Mq8TXzVi9yybj7k4nbjAR/b:1Q8clv25SKjViBhXK
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Covenant-master/Covenant/Components/Grunts/GruntInteractTerminal.razor
- Size
  
  8KB
- MD5
  
  ce7dd81dccb9812b19009538a7ae2bf7
- SHA1
  
  9d2be95530243fb08f78cf44a651752b41ffc844
- SHA256
  
  af22da18235b876273ed2edfcf4384f5f4c4b1b068a8252955de5d7b9c48a363
- SHA512
  
  e66e0cefd730961ef7bc61d0e52950f73e40d548b6151ecf8732617c4d26deb09124571ecc52223948b2f6bfcdd11f8839d3d873f9620c57dd9252609dbdaa59
- SSDEEP
  
  192:i8rLVoKDIEleWcjAVbBzStq0soMa/B9JmuYc7sf8zzTI6K9qeOyTIy9qe7N9qe7N:i8doa5e1EUya5G/T+If9pIy9P9o/c9bp
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32