Overview
overview
10Static
static
10Win32/mimidrv.sys
windows7-x64
10Win32/mimidrv.sys
windows10-2004-x64
10Win32/mimikatz.exe
windows7-x64
3Win32/mimikatz.exe
windows10-2004-x64
3Win32/mimilib.dll
windows7-x64
3Win32/mimilib.dll
windows10-2004-x64
3Win32/mimilove.exe
windows7-x64
3Win32/mimilove.exe
windows10-2004-x64
3Win32/mimispool.dll
windows7-x64
3Win32/mimispool.dll
windows10-2004-x64
3x64/mimidrv.sys
windows7-x64
10x64/mimidrv.sys
windows10-2004-x64
10x64/mimikatz.exe
windows7-x64
1x64/mimikatz.exe
windows10-2004-x64
1x64/mimilib.dll
windows7-x64
1x64/mimilib.dll
windows10-2004-x64
1x64/mimispool.dll
windows7-x64
1x64/mimispool.dll
windows10-2004-x64
1General
-
Target
mimikatz_trunk.7z
-
Size
879KB
-
Sample
241118-t4wj6a1dmn
-
MD5
9b161e8fe171550ff1116c11e62b734f
-
SHA1
1890075e36c792d99aecb57424cffbdbcbe6215f
-
SHA256
1f2338d7b628374139d373af383a1bdec1a16b43ced015849c6be4e4d90cc2c3
-
SHA512
e877464194c5af4a92682a4b323173a7f9940e96e7abf847dc18d63ec54d01f14d6c43f7cad44e9cae3b2a6ec0d4ab8cc9798047e839a9b1c6fb2358e309558c
-
SSDEEP
24576:VVS8/iDSEVeuUaR1XMuzs65mOwhkVahwu5Opo:V88/i+EVpUaR18ot6ye5Opo
Behavioral task
behavioral1
Sample
Win32/mimidrv.sys
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Win32/mimidrv.sys
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Win32/mimikatz.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Win32/mimikatz.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Win32/mimilib.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Win32/mimilib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Win32/mimilove.exe
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
Win32/mimilove.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Win32/mimispool.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Win32/mimispool.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
x64/mimidrv.sys
Resource
win7-20240729-en
Behavioral task
behavioral12
Sample
x64/mimidrv.sys
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
x64/mimikatz.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
x64/mimikatz.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
x64/mimilib.dll
Resource
win7-20241010-en
Behavioral task
behavioral16
Sample
x64/mimilib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
x64/mimispool.dll
Resource
win7-20241010-en
Behavioral task
behavioral18
Sample
x64/mimispool.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Win32/mimidrv.sys
-
Size
29KB
-
MD5
0818699d065afcb1f397d578d3708dc2
-
SHA1
df107aa0214b914c645967eddff6fdda88152eba
-
SHA256
4ff7578df7293e50c9bdd48657a6ba0c60e1f6d06a2dd334f605af34fe6f75a5
-
SHA512
f6f89627a1be33788d576acebf16d36fbfa1b6f89d8cb9191771146231ccb5d77af11aa70640813e473872c83171cc4606f490d16d1bce322926046a5bc80cdd
-
SSDEEP
768:Bk0ByYHIVcmG9yJao/fZ+B8zlu7TVHZC5is5c:BZyYGG92LHMB8zl8TJwism
Score10/10-
Mimikatz family
-
mimikatz is an open source tool to dump credentials on Windows
-
-
-
Target
Win32/mimikatz.exe
-
Size
1.0MB
-
MD5
d3b17ddf0b98fd2441ed46b033043456
-
SHA1
93ed68c7e5096d936115854954135d110648e739
-
SHA256
94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b
-
SHA512
cac2230361981323ea998c08f7d9afc9369c62a683a60421628adab1eb1e4ffbbc9c2239a8bf66cb662ad7d56e7284f9051bb548979b8c6862570ce45aa27120
-
SSDEEP
24576:uiDjF7X3YoGq4tC1YJk+3nWBkDeq26iLutKcEY4:u05YjqakE3Aq2vu7E
Score3/10 -
-
-
Target
Win32/mimilib.dll
-
Size
31KB
-
MD5
46e598798bdde4c72e796edcf2317b52
-
SHA1
e00efa11ab8464e665f2a1d526e94cca5c71d9fa
-
SHA256
e60c210687e79347d06f9a144ee84417ba9ac4c1f303720f2fe4509734d670d6
-
SHA512
c384fe4cd20dc97b53a26593d30b6c5d8d3665f957019b555bad956cc4e238b50216f47af7fa4ad9bd03d30d323b811aa0e32dcea2e25a9df6855a65dcea9a9d
-
SSDEEP
384:ZPqreMGv6SqMDjuPRjL9sapJcos+uOiZESsQDygQ2Unn7PAss3sWqWyXO4hMnAl3:lrEdpJLFiq3GO7bs3sdEFyQejil0Tn
Score3/10 -
-
-
Target
Win32/mimilove.exe
-
Size
24KB
-
MD5
c67f3497c310c01018f599b3eebae99e
-
SHA1
d73e52e55b1ad65015886b3a01b1cc27c87e9952
-
SHA256
cc585d962904351ce1d92195b0fc79034dc3b13144f7c7ff24cd9f768b25e9ef
-
SHA512
1205b5a9a9d2f3fabcce7e53e70e4efce08b21469ae64120beaee67a828d12eeeecddc623b453105ed15990fcc7bbce53175eca6545007f9d68c0aee66e55bc0
-
SSDEEP
768:LK73LxCEQskxjvDoR8a4Tj9gwF6VLCx2l/:LK5uGRl4f9dqCx2l
Score3/10 -
-
-
Target
Win32/mimispool.dll
-
Size
10KB
-
MD5
dab7a18b02399053ba3ff1e568789fce
-
SHA1
ceee090c9ee8279d6410d8d450d55acb81d34766
-
SHA256
05842de51ede327c0f55df963f6de4e32ab88f43a73b9e0e1d827bc70199eff0
-
SHA512
6dd0ade4112d7ed44c090f81614ed2f1d84cfcb25a45b08d22b3fa74e4e3f9b99f719f8bca9c1f03d13757f38eac072bb4d55e229c478524bf348f76fc3e36dd
-
SSDEEP
192:I191rqbIcL9uD3nhKlWUEHRl1RtnIDKwIb/DtC0uolZC7:RRgDXhKAUQlftO6tC0uols
Score3/10 -
-
-
Target
x64/mimidrv.sys
-
Size
36KB
-
MD5
3e528207ca374123f63789195a4aedde
-
SHA1
2616372f708a6fb9665cd28206f4c7de6458f5c5
-
SHA256
d30f51bfd62695df96ba94cde14a7fae466b29ef45252c6ad19d57b4a87ff44e
-
SHA512
73f83b881e0e329493f6b2ac299ea0b9d9d1b04dc8a4705f78ae3f82b1a3e012db9202079f7e7dff5ad4431d3a8e7e2fb42d3f0963d66ab9a6aa0bf2cfa02c41
-
SSDEEP
768:6PVvAF3Sz0Kp4TC/ndBK8ipSPnA+vl1qlCGB8zlu0RVHZC5isg:mVvPz0K3EyDlQlHB8zl9RJwisg
Score10/10-
Mimikatz family
-
mimikatz is an open source tool to dump credentials on Windows
-
-
-
Target
x64/mimikatz.exe
-
Size
1.3MB
-
MD5
29efd64dd3c7fe1e2b022b7ad73a1ba5
-
SHA1
e3b6ea8c46fa831cec6f235a5cf48b38a4ae8d69
-
SHA256
61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1
-
SHA512
f00b1ab035aa574c70f6b95b63f676fa75ff8f379f92e85ad5872c358a6bb1ed5417fdd226d421307a48653577ca42aba28103b3b2d7a5c572192d6e5f07e8b3
-
SSDEEP
24576:0CgjBAeu8iuUHGzkuBhzy2F+yVICFPC27rIlve3NuacODvsG:0CI7XBE2IuF64rIlmdii
Score1/10 -
-
-
Target
x64/mimilib.dll
-
Size
36KB
-
MD5
67651e9d2da634adedbe216948d5f752
-
SHA1
0731bd320633a6d1ca7835e2bba2c5ee5429b293
-
SHA256
aef6ce3014add838cf676b57957d630cd2bb15b0c9193cf349bcffecddbc3623
-
SHA512
88c7de54fd036a3052a49e52a8bb868e1cd67856b8ef1d0f2ad1151f663addf1d9435fb98f83a24cc16ffd832500061b64399c9fe82edcb83404f59daf7bfd47
-
SSDEEP
768:CsdDjdgqUQv+EAZJimW8ahsNekFkTn5btsnsFfZ9kYeUveejil0g:vU+LuaaQkFkTn5b+sFhW7ejil
Score1/10 -
-
-
Target
x64/mimispool.dll
-
Size
10KB
-
MD5
c6cc0def7d584f431d69126c1cc33a20
-
SHA1
ea2646a646662909cd2bf5443e6b0030fb3cc6eb
-
SHA256
66928c3316a12091995198710e0c537430dacefac1dbe78f12a331e1520142bd
-
SHA512
17199e1be5d40744ae92d5d1b143645fcd0e413b92696fdaeb673785549bf20f4952a19887fe5c14cddbdfa435320a79044510d0de4e2c52fa26a1d2bfd83826
-
SSDEEP
192:DGMoIQaZcsBTSWoH6DlI0zPQ4Ib/me0C0uolZC7:VJxgWFlVC50C0uols
Score1/10 -