mimikatz | 1b8e19d90f8fccfbf6c7448315085464150553e0f901a5b816ace97b2b9b53ab | Triage

Submit
Reports

Overview

overview

Static

static

3

beacon_x64.exe

windows7-x64

beacon_x64.exe

windows10-2004-x64

8

Sharing

General

Target

beacon_x64.exe
Size

321KB
Sample

241215-w3rwpasmcz
MD5

c27f56b0de8b01665662e3a1b22aa582
SHA1

44950fe971cfea5e5613ff1787082e353e3e38eb
SHA256

1b8e19d90f8fccfbf6c7448315085464150553e0f901a5b816ace97b2b9b53ab
SHA512

be0c63d709a446d6cb2d05699da9fec004a0a3d0a748268191da57bce85dd03f677a12d0bfdf7bd1f0d229cda875fbc7f4a8bfaede22fbd2ee581d51baa7ab5c
SSDEEP

6144:CR25Bc7SRe7ZZ/o9Uu8iiK3X8JGjToWyRFZVrM8LyNsAGqmh6+X+sTJJUqYUJn:9BfCeX8eeRFZVVyQhXt12

Score

10^/10

mimikatz

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

beacon_x64.exe

Resource

win7-20240903-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

beacon_x64.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  beacon_x64.exe
- Size
  
  321KB
- MD5
  
  c27f56b0de8b01665662e3a1b22aa582
- SHA1
  
  44950fe971cfea5e5613ff1787082e353e3e38eb
- SHA256
  
  1b8e19d90f8fccfbf6c7448315085464150553e0f901a5b816ace97b2b9b53ab
- SHA512
  
  be0c63d709a446d6cb2d05699da9fec004a0a3d0a748268191da57bce85dd03f677a12d0bfdf7bd1f0d229cda875fbc7f4a8bfaede22fbd2ee581d51baa7ab5c
- SSDEEP
  
  6144:CR25Bc7SRe7ZZ/o9Uu8iiK3X8JGjToWyRFZVrM8LyNsAGqmh6+X+sTJJUqYUJn:9BfCeX8eeRFZVVyQhXt12
Score

10^/10

mimikatz
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Mimikatz family
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Blocklisted process makes network request
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy