mimikatz | ff2134b2480edf5f1f49e980b352a544b46a4a927382556da944cba0a10fb306 | Triage

Submit
Reports

Overview

overview

Static

static

2022-10-22...tz.exe

windows7-x64

2022-10-22...tz.exe

windows10-2004-x64

Sharing

General

Target

2022-10-22_668b61346bcbc37780208b93dbdb25e2_hacktools_icedid_mimikatz
Size

10.2MB
Sample

241004-s9blhasfnn
MD5

668b61346bcbc37780208b93dbdb25e2
SHA1

9d286221d4171631a9e26bade8abfb216a784efa
SHA256

ff2134b2480edf5f1f49e980b352a544b46a4a927382556da944cba0a10fb306
SHA512

735b9b307013723501880de1749c4c2e477a373f52aa59371482cce59398f29af639a9719457a7cacfa172535e7c3be10f66b8dc8e190c4c9db73e4657cca122
SSDEEP

98304:YmBtyYXmknGzZr+HdO5SEPFtmOZ9G1Md5v/nZVnivsAl0eXTBJYa5roSCaa:I6mknGzwHdOgEPHd9BbX/nivPlTXTYr

Score

10^/10

mimikatz discovery persistence privilege_escalation

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2022-10-22_668b61346bcbc37780208b93dbdb25e2_hacktools_icedid_mimikatz.exe

Resource

win7-20240903-en

mimikatz discovery

windows7-x64

16 signatures

30 seconds

Behavioral task

behavioral2

Sample

2022-10-22_668b61346bcbc37780208b93dbdb25e2_hacktools_icedid_mimikatz.exe

Resource

win10v2004-20240802-en

mimikatz discovery persistence privilege_escalation

windows10-2004-x64

16 signatures

30 seconds

Malware Config

Targets

- Target
  
  2022-10-22_668b61346bcbc37780208b93dbdb25e2_hacktools_icedid_mimikatz
- Size
  
  10.2MB
- MD5
  
  668b61346bcbc37780208b93dbdb25e2
- SHA1
  
  9d286221d4171631a9e26bade8abfb216a784efa
- SHA256
  
  ff2134b2480edf5f1f49e980b352a544b46a4a927382556da944cba0a10fb306
- SHA512
  
  735b9b307013723501880de1749c4c2e477a373f52aa59371482cce59398f29af639a9719457a7cacfa172535e7c3be10f66b8dc8e190c4c9db73e4657cca122
- SSDEEP
  
  98304:YmBtyYXmknGzZr+HdO5SEPFtmOZ9G1Md5v/nZVnivsAl0eXTBJYa5roSCaa:I6mknGzwHdOgEPHd9BbX/nivPlTXTYr
Score

10^/10

mimikatz discovery persistence privilege_escalation
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mimikatzdiscovery

behavioral2

mimikatzdiscoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy