Overview

overview

10

Static

static

1

.html

windows11-21h2-x64

10

Resubmissions

22-01-2025 12:48

250122-p189maxjfs 10

22-01-2025 12:46

250122-pzmdgaxjat 10

22-01-2025 12:43

250122-pxynqawrcy 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    .

  • Size

    474B

  • Sample

    250122-pzmdgaxjat

  • MD5

    10957f24772eea915bc129c12ad964c9

  • SHA1

    875b9ce0b9fe2f519d28cc8a3e8e957db9779360

  • SHA256

    218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44

  • SHA512

    dd351894c8596e496a8e3ee3411e7b4a9cca1b9d13919eaa333c1b093377c18c93d8b2002b36027fb398685907b558a9021e60d8af51b2711c4452b1ff8d1602

Score
10/10
badrabbitmimikatzdefense_evasiondiscoveryransomware

Malware Config

Targets

    • Target

      .

    • Size

      474B

    • MD5

      10957f24772eea915bc129c12ad964c9

    • SHA1

      875b9ce0b9fe2f519d28cc8a3e8e957db9779360

    • SHA256

      218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44

    • SHA512

      dd351894c8596e496a8e3ee3411e7b4a9cca1b9d13919eaa333c1b093377c18c93d8b2002b36027fb398685907b558a9021e60d8af51b2711c4452b1ff8d1602

    Score
    10/10
    badrabbitmimikatzdefense_evasiondiscoveryransomware

    • BadRabbit

      Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.

      ransomwarebadrabbit

    • Badrabbit family

      badrabbit

    • Mimikatz

      mimikatz is an open source tool to dump credentials on Windows.

      mimikatz

    • Mimikatz family

      mimikatz

    • mimikatz is an open source tool to dump credentials on Windows

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks