General

  • Target

    master.zip

  • Size

    1.1MB

  • Sample

    241115-12xg1atdkq

  • MD5

    85061fb539f0e118805729c0d9efa99e

  • SHA1

    478bab67c2525e1b195622e718d1d07fd0d46774

  • SHA256

    d86e5d2701b548dfbe0419bcffb2ae82c6ccdeb6dc9612050273c543a6f5215a

  • SHA512

    89eeed1be038f1d4cda6af76096e732944ab47d6275818ab4558c3be9080fadc01369adb0d8405eecdebd62519de486a8fd349b0dcc4c1afb5d3f4fdbb09a1ea

  • SSDEEP

    24576:qwvlkGmFoHjZkvEp/DEyTo+dmH5Q3JR2RZV1GMZH9epNdWR:tviGmateEBBoYmZyR8ZDf9eBWR

Targets

    • Target

      mimikatz-master/Win32/mimidrv.sys

    • Size

      28KB

    • MD5

      49518f7375a5f995ebe9423d8f19cfe4

    • SHA1

      46c9a474a1a62c25a05bc7661b75a80b471616e6

    • SHA256

      a0931e16cf7b18d15579e36e0a69edad1717b07527b5407f2c105a2f554224b2

    • SHA512

      63236cc2b517552ea4e5c8211b2cba5c36f50d40a01c97488f8234a28bc212cdb83e95d1e829b591ff1cb4d4f3bd79a79a0e32aca7cb73077f80fb6d14a55e7f

    • SSDEEP

      384:ji91BwAaJmCH6wseck/+5f2AWyzJJ5cF/7fZ+B8YluynVYEH5C+vdUb+se:jiHyA4sLMyNJ5+zfZ+B8YluyVHZC5ise

    Score
    10/10
    • Mimikatz family

      mimikatz is an open source tool to dump credentials on Windows.

    • Target

      mimikatz-master/Win32/mimikatz.exe

    • Size

      971KB

    • MD5

      46f366e3ee36c05ab5a7a319319f7c72

    • SHA1

      040fbf1325d51358606b710bc3bd774c04bdb308

    • SHA256

      2e8092205a2ded4b07e9d10d0ec02eba0ffcf1d370cab88c5221a749915f678a

    • SHA512

      03e67c8f76a589ad43866396f46af12267e3c9ab2ca0a155f9df0406b4bd77b706e12757222d7c95bfa4b91d6ef073150edb87d11496617a2004e9dc953904e1

    • SSDEEP

      24576:ZUawjJv4xFV1To1GPC31fILaq/K34UQCxWw:daOxnOB3aLbK3R5Qw

    Score
    3/10
    • Target

      mimikatz-master/Win32/mimilib.dll

    • Size

      40KB

    • MD5

      b89fd300420f7f8aa506177cc230a824

    • SHA1

      03e89ebc0375803e8a2a758bed0ce0c325012e70

    • SHA256

      2b202a389838e59a7e19bcb8f1280cf339de49d23b37c2ff2028da9924d8ed0d

    • SHA512

      5f650c2bba97f04f3ba994eb01f74d3492bcf25d6230c6e576edf8f3cbacb304a28a437a0d3a9dbc51239818c64fc187f171d2afa0a2f068080661398389a2c6

    • SSDEEP

      768:bhUZHYTw3R3Zeu1b5Oib7ts3sdYemVejdl0SN4FHEhG4FQtEh3:8nikb55b7+8d1IejdlDCHE0CKEh

    Score
    3/10
    • Target

      mimikatz-master/Win32/mimilove.exe

    • Size

      35KB

    • MD5

      5b25c78e900658105bc64f0a31b10656

    • SHA1

      2ca81716cf60d5debae0ad9a82c8566ab53f19a4

    • SHA256

      eac47b3ba3c4a035d4fb8abe0b5531d7f23f1d803b0c784f25cdf68c27520c77

    • SHA512

      ba6bd33c39523b5ebf20b3a5f2f37544b5a5637c64cc132bb1c162a8682288c1a9c105baf7fe2e581ca22070def5a1a33ad68e8f28c26067abf1a4d021c82eb9

    • SSDEEP

      768:dZuH7PLxh8+AJtxF0jBuD24aYNNW9gFqF6VGCxBl/qkFSuEh8FxzEh6:juHxsreYa9dnCxBlnSuEg5EY

    Score
    3/10
    • Target

      mimikatz-master/debian/rules

    • Size

      442B

    • MD5

      378029c42062c66f603a92d0ecd0db32

    • SHA1

      050a2023e376897e88ba58f9e8ac068a39a8e6f6

    • SHA256

      d8813af656e3d3bd27fab484708606fe5edde9bd232c2e3b571adf4a9f0b6348

    • SHA512

      95ec9553bf9eec4ae074af021028c46ea0e715bfb090e827ab7a7e08f414fee6f15ad6eaee5938baa256eeb97bbf05b5f0caf7ef06815b771fa13efef7179fd1

    Score
    1/10
    • Target

      mimikatz-master/x64/mimidrv.sys

    • Size

      35KB

    • MD5

      c8541a9cef64589593e999968a0385b9

    • SHA1

      fe18c58fbd0a83d67920e037d522c176704d2ca3

    • SHA256

      f9b01406864ab081aa77eef4ad15cb2dd2f830d1ef54f52622a59ff1aeb05ba5

    • SHA512

      faf69095bf6ce18724163fcaaed851dc39949dcd21d4432c4d1734ccfbbe86c3e2bc17fd8c7c9b31b7e62f73e8a183852a358fe07f18570ce3281e2fe7b92bee

    • SSDEEP

      768:Si4mpA/ZBEAKaCTC/dBm8ipSfJvl1qlCGB8YluQYVHZC5islW:umaEAKEYaJlQlHB8YlhYJwisg

    Score
    10/10
    • Mimikatz family

      mimikatz is an open source tool to dump credentials on Windows.

    • Target

      mimikatz-master/x64/mimikatz.exe

    • Size

      1.2MB

    • MD5

      e930b05efe23891d19bc354a4209be3e

    • SHA1

      d1f7832035c3e8a73cc78afd28cfd7f4cece6d20

    • SHA256

      92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50

    • SHA512

      a7a59176ca275d5d5ea6547108907bbe8ddbf3489308b3d6efe571b685de7e6263d36d6580abe9587a7f77adc22d3b7b164ad42845b6c110b794eaba7ab47ec6

    • SSDEEP

      24576:zLrEjqXg4NiXcmHVjIhlIyEeQ37uV3Ugmf4Yl0Q0V7FCR:zLZo1jFyjFJhmf4YlHWk

    Score
    1/10
    • Target

      mimikatz-master/x64/mimilib.dll

    • Size

      45KB

    • MD5

      eb05429d25fc57b476428cdb0a134b2f

    • SHA1

      1c6913248131b5784b923eff1e76a443f738affc

    • SHA256

      7ffce7f6d7262f214d78e6b7fd8d07119835cba4b04ce334260665d7c8fb369a

    • SHA512

      199cbef36efe00121dbc1e5126ee556a72090c5134f157aa48a89d5ab2b0a15116cb059a7387e5d29dd6a4cab2b584494baf32c9b388118107ab9fa53743bb3f

    • SSDEEP

      768:VWZZrWUCE5KuhECg1kQPbTk/Zm8b4snsFYzltrf0zlejdl0mHFBEhLF3YEhV7K:gP1vgKob4/Zm8bxsFmGlejdl5lBE/IE+

    Score
    1/10
