mimikatz

Sharing

Copy URL

Twitter E-mail

General

Target

mimikatz_trunk.zip
Size

1.2MB
Sample

241220-a2x6esvqak
MD5

d2d3e1f8023b12fb89e400c7e8ecd7db
SHA1

4112ef95386ea4d1131be7c600d49a310e9d8f5b
SHA256

7accd179e8a6b2fc907e7e8d087c52a7f48084852724b03d25bebcada1acbca5
SHA512

6b20caba114996bf268d2dc5e857624f7ebad0c580c8054cfc53c5d9af6c7bf56a91f2a68e9a03101e8599c4e1ddd94ad2d37e38d92243d4c2b89370cfee80ad
SSDEEP

24576:YH9iKnN1lvn928lSnigsGXLwVOoEP2qMkKDYLUPMzahK:+X5vn9HlSigsGbwVOoAlRaYLUUr

Score

10^/10

mimikatz discovery

Malware Config

Targets

- Target
  
  Win32/mimidrv.sys
- Size
  
  29KB
- MD5
  
  0818699d065afcb1f397d578d3708dc2
- SHA1
  
  df107aa0214b914c645967eddff6fdda88152eba
- SHA256
  
  4ff7578df7293e50c9bdd48657a6ba0c60e1f6d06a2dd334f605af34fe6f75a5
- SHA512
  
  f6f89627a1be33788d576acebf16d36fbfa1b6f89d8cb9191771146231ccb5d77af11aa70640813e473872c83171cc4606f490d16d1bce322926046a5bc80cdd
- SSDEEP
  
  768:Bk0ByYHIVcmG9yJao/fZ+B8zlu7TVHZC5is5c:BZyYGG92LHMB8zl8TJwism
Score

10^/10

mimikatz
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Mimikatz family
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
behavioral1
- Target
  
  Win32/mimikatz.exe
- Size
  
  1.0MB
- MD5
  
  d3b17ddf0b98fd2441ed46b033043456
- SHA1
  
  93ed68c7e5096d936115854954135d110648e739
- SHA256
  
  94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b
- SHA512
  
  cac2230361981323ea998c08f7d9afc9369c62a683a60421628adab1eb1e4ffbbc9c2239a8bf66cb662ad7d56e7284f9051bb548979b8c6862570ce45aa27120
- SSDEEP
  
  24576:uiDjF7X3YoGq4tC1YJk+3nWBkDeq26iLutKcEY4:u05YjqakE3Aq2vu7E
Score

3^/10

discovery
behavioral2
- Target
  
  Win32/mimilib.dll
- Size
  
  31KB
- MD5
  
  46e598798bdde4c72e796edcf2317b52
- SHA1
  
  e00efa11ab8464e665f2a1d526e94cca5c71d9fa
- SHA256
  
  e60c210687e79347d06f9a144ee84417ba9ac4c1f303720f2fe4509734d670d6
- SHA512
  
  c384fe4cd20dc97b53a26593d30b6c5d8d3665f957019b555bad956cc4e238b50216f47af7fa4ad9bd03d30d323b811aa0e32dcea2e25a9df6855a65dcea9a9d
- SSDEEP
  
  384:ZPqreMGv6SqMDjuPRjL9sapJcos+uOiZESsQDygQ2Unn7PAss3sWqWyXO4hMnAl3:lrEdpJLFiq3GO7bs3sdEFyQejil0Tn
Score

3^/10

discovery
behavioral3
- Target
  
  Win32/mimilove.exe
- Size
  
  24KB
- MD5
  
  c67f3497c310c01018f599b3eebae99e
- SHA1
  
  d73e52e55b1ad65015886b3a01b1cc27c87e9952
- SHA256
  
  cc585d962904351ce1d92195b0fc79034dc3b13144f7c7ff24cd9f768b25e9ef
- SHA512
  
  1205b5a9a9d2f3fabcce7e53e70e4efce08b21469ae64120beaee67a828d12eeeecddc623b453105ed15990fcc7bbce53175eca6545007f9d68c0aee66e55bc0
- SSDEEP
  
  768:LK73LxCEQskxjvDoR8a4Tj9gwF6VLCx2l/:LK5uGRl4f9dqCx2l
Score

3^/10

discovery
behavioral4
- Target
  
  Win32/mimispool.dll
- Size
  
  10KB
- MD5
  
  dab7a18b02399053ba3ff1e568789fce
- SHA1
  
  ceee090c9ee8279d6410d8d450d55acb81d34766
- SHA256
  
  05842de51ede327c0f55df963f6de4e32ab88f43a73b9e0e1d827bc70199eff0
- SHA512
  
  6dd0ade4112d7ed44c090f81614ed2f1d84cfcb25a45b08d22b3fa74e4e3f9b99f719f8bca9c1f03d13757f38eac072bb4d55e229c478524bf348f76fc3e36dd
- SSDEEP
  
  192:I191rqbIcL9uD3nhKlWUEHRl1RtnIDKwIb/DtC0uolZC7:RRgDXhKAUQlftO6tC0uols
Score

3^/10

discovery
behavioral5
- Target
  
  x64/mimidrv.sys
- Size
  
  36KB
- MD5
  
  3e528207ca374123f63789195a4aedde
- SHA1
  
  2616372f708a6fb9665cd28206f4c7de6458f5c5
- SHA256
  
  d30f51bfd62695df96ba94cde14a7fae466b29ef45252c6ad19d57b4a87ff44e
- SHA512
  
  73f83b881e0e329493f6b2ac299ea0b9d9d1b04dc8a4705f78ae3f82b1a3e012db9202079f7e7dff5ad4431d3a8e7e2fb42d3f0963d66ab9a6aa0bf2cfa02c41
- SSDEEP
  
  768:6PVvAF3Sz0Kp4TC/ndBK8ipSPnA+vl1qlCGB8zlu0RVHZC5isg:mVvPz0K3EyDlQlHB8zl9RJwisg
Score

1^/10
behavioral6
- Target
  
  x64/mimikatz.exe
- Size
  
  1.3MB
- MD5
  
  29efd64dd3c7fe1e2b022b7ad73a1ba5
- SHA1
  
  e3b6ea8c46fa831cec6f235a5cf48b38a4ae8d69
- SHA256
  
  61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1
- SHA512
  
  f00b1ab035aa574c70f6b95b63f676fa75ff8f379f92e85ad5872c358a6bb1ed5417fdd226d421307a48653577ca42aba28103b3b2d7a5c572192d6e5f07e8b3
- SSDEEP
  
  24576:0CgjBAeu8iuUHGzkuBhzy2F+yVICFPC27rIlve3NuacODvsG:0CI7XBE2IuF64rIlmdii
Score

1^/10
behavioral7
- Target
  
  x64/mimilib.dll
- Size
  
  36KB
- MD5
  
  67651e9d2da634adedbe216948d5f752
- SHA1
  
  0731bd320633a6d1ca7835e2bba2c5ee5429b293
- SHA256
  
  aef6ce3014add838cf676b57957d630cd2bb15b0c9193cf349bcffecddbc3623
- SHA512
  
  88c7de54fd036a3052a49e52a8bb868e1cd67856b8ef1d0f2ad1151f663addf1d9435fb98f83a24cc16ffd832500061b64399c9fe82edcb83404f59daf7bfd47
- SSDEEP
  
  768:CsdDjdgqUQv+EAZJimW8ahsNekFkTn5btsnsFfZ9kYeUveejil0g:vU+LuaaQkFkTn5b+sFhW7ejil
Score

1^/10
behavioral8
- Target
  
  x64/mimispool.dll
- Size
  
  10KB
- MD5
  
  c6cc0def7d584f431d69126c1cc33a20
- SHA1
  
  ea2646a646662909cd2bf5443e6b0030fb3cc6eb
- SHA256
  
  66928c3316a12091995198710e0c537430dacefac1dbe78f12a331e1520142bd
- SHA512
  
  17199e1be5d40744ae92d5d1b143645fcd0e413b92696fdaeb673785549bf20f4952a19887fe5c14cddbdfa435320a79044510d0de4e2c52fa26a1d2bfd83826
- SSDEEP
  
  192:DGMoIQaZcsBTSWoH6DlI0zPQ4Ib/me0C0uolZC7:VJxgWFlVC50C0uols
Score

1^/10
behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Mimikatz family

mimikatz is an open source tool to dump credentials on Windows

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

We care about your privacy.