mimikatz | c2e1ba266aa158636ea3470ba6ab7084bb65d6811131c550d8c6357ca0bbaedd | Triage

Sharing

General

Target

arsenal-kit20240125.tgz
Size

3.0MB
Sample

250209-gb6s7sxjgs
MD5

b6b8000d3de1c6b050be5ea9513fc81d
SHA1

aa5aff54e1a1256428ef401e5c8ecb9bba25c08a
SHA256

c2e1ba266aa158636ea3470ba6ab7084bb65d6811131c550d8c6357ca0bbaedd
SHA512

621ddb1c1fa8e6e9a7b795df72159cd455916e90b14aa0afef1e2e430c5dd5f3623712e010027c55eaf566176ce1dd3587f90bcca80a1da90a12d10ce87134d4
SSDEEP

49152:iBKJP4orMdFAobmCaVhoZ2gmfDe8n7/dZ2s9QsPKIl3SmA+IkRi6aRk5DUup:HBsFttaVKyj5Z7QY1hIks6gODUup

Score

10^/10

mimikatz discovery linux

Malware Config

Targets

- Target
  
  sample
- Size
  
  6.8MB
- MD5
  
  0dafc97918235429b5f61693a4b07c75
- SHA1
  
  e9088b9e704f491e69ea5f43b3cf23218407ced7
- SHA256
  
  80296f96f441ae50c626a68a585c76a1da42c690fdc5dda92a6b98501b8bd499
- SHA512
  
  674abe9a3995d54f2c0a8bfa6979d7b481bbc5aaa0eec1988b913e70df8f6b16be59eafdbb013cefec964cd8762606ff761e02811ad66f1d5d9904c3874aea50
- SSDEEP
  
  49152:iVrV7/4s9R/FhdotBjtp5kU359UKnVTOmXtrVi/qE37M45w63GKDVHsSvU2DXeim:kiAvmDZPPXtw3ZWYVVy1LlYbmd
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2
- Target
  
  arsenal-kit/build_arsenal_kit.sh
- Size
  
  5KB
- MD5
  
  fc74972f39293664c3c1746c37ed4e25
- SHA1
  
  770421189ad3cfb9ba2a733ca6af9ebd21aef6e9
- SHA256
  
  371080f6247c2b9743c4828abc5ed64734b6a4e5930e5dbc885710774fab0ad7
- SHA512
  
  1e9540223756288ae84bf8063d48d21c18f66b116ab6af0937f66e9f880419ccee141c6b9a026fb764b9d74f63860df245b202621157e480fd68358c24944ad7
- SSDEEP
  
  96:vMdTc1ieDQr/HNJIvnezOyWo7lrOpHtD786EI8rBH8zIx+8vWm8khImw8a24:vMVc1B0Lt4eyyWo5rODwbpxy8IA4
Score

3^/10

discovery
behavioral3 behavioral4 behavioral5 behavioral6
- Target
  
  arsenal-kit/kits/artifact/build.sh
- Size
  
  11KB
- MD5
  
  1ca0b41a49465cb7e2b09dc77f696493
- SHA1
  
  a0796a6e95ea2eddf2827615dbd562630eb3a86e
- SHA256
  
  426227c431c1b2d9c3611d6bd2c40dbc51d86742d6606284c63e1331d764306c
- SHA512
  
  323ae3cce41cf78f5e6f6c6ad3a1f66dca2152c81bf193487859c334f190c6a782f91927a8fb68f0ac1d9d6570b4d6a1d7139ff575d2ef70c46a0c6ebc1f8e1a
- SSDEEP
  
  192:KziEPZN+jqgjugjukjQPQkzwrv+3ELTg2FjI+9g:KjO/tdaeFra
Score

1^/10
behavioral10 behavioral7 behavioral8 behavioral9
- Target
  
  arsenal-kit/kits/mimikatz/build.sh
- Size
  
  1KB
- MD5
  
  5b666ac7a01ca8eb29c17aba7f8f888d
- SHA1
  
  673df941d3b971aed6bc0fbb2838635fa5f92661
- SHA256
  
  0899cc580588d222492e818cfdc440a7ab11eab169e9fd17ba8f95670cd47c0c
- SHA512
  
  62b5e65fb7fca0baec34e582970f2c3b738552bcc9a1fe4c9d6a03ec77a9a618274bee693bac24797b54bb0c287aff2fabefe4deedef61b90363be8a39d80b7d
Score

1^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-chrome.x64.dll
- Size
  
  755KB
- MD5
  
  b7a9fd5f3d601dc82c174f1dafac5799
- SHA1
  
  bb9a0a9d7e55956a6d329ceb9c55a6bb9fa8b671
- SHA256
  
  a384d3574295d3f2763630a3d6643d6f759d45d4e10deb3a73d76a711145903b
- SHA512
  
  7dffc525ab1de207a7ae1528dd0271445e8d747c06edec6b9a330aa5bc4a98556ca89d0caffb1d757d9b25d9da1f7083d46b13971535bb7de44ae9ed9db8d4b8
- SSDEEP
  
  12288:6pqa+BSpgo7ttLU5/qlPiHe1euStur4mHC3d3X:6pq7SqoZtg/qFiHqe7M4mO
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral15 behavioral16
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-chrome.x86.dll
- Size
  
  623KB
- MD5
  
  c944bbd13ac4904fb3b31c3e2f2b27d0
- SHA1
  
  d2e6d62a0a13acd547595f6fa27a3fde96c68c15
- SHA256
  
  a33eb47904d7a3b0949d79c3a6051e28e171315082eb896e6b9c688922311c7a
- SHA512
  
  bc7b278710393f9023b98a02749e0561784784c2a329e87cd2a0dabfc9e5c2a9f77418af2701d1f7844df7795422810f47fab479fbed64ca19010110ec9d9d36
- SSDEEP
  
  12288:qmy/sRoFPtR64fVYapNN+DI4dS+1Ob9RtxFrdi4TdNwlyo2VODETcL9hR:q3/PFPtR6YVYaXP4E+0b9R/FhdKF20wO
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral17 behavioral18
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-full.x64.dll
- Size
  
  794KB
- MD5
  
  4731f876ba17d82c40c1eed6f597f01b
- SHA1
  
  c725f30a87b933f88dc67be5f6f0ef45f706ed50
- SHA256
  
  4d2e1030fd2e16680f6dbfc630f4fd4180df10131fe25d5826f36bae9619a1f3
- SHA512
  
  b9739e0909220df5c22be2c4d7c6c96fcec2d961dcb1e8ecbfff6477bd1dfd84b77bb603fb41926bb842e418268912dfe08a44b2759db2a1dcfdab8d54d73739
- SSDEEP
  
  12288:t7dTlpmkvMUAbasJU9obUszuhGhF7xYznVemd5vVAobOm:ddTlp5kU3su9ow4KnVhntAqOm
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral19 behavioral20
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-full.x86.dll
- Size
  
  687KB
- MD5
  
  2137195fbba50f73f0f17693484d451e
- SHA1
  
  006517389486662290918daecacedcaf65a9baa4
- SHA256
  
  9ba86ae2808fe8df76a52001ef765b5ad3216447d0c0148dc719c6b9527c0e2d
- SHA512
  
  d4fd9c156081ebf26ae466bbdf21b7b7f7a0b2f489170a57409eaccf270a3d3b7313f896411d4346e5d01c466bfdcc12e132cf3835efd5aed2fc40139ecba9c0
- SSDEEP
  
  6144:84we2712GJRf9/r3qEVltgK8uFWt3FdW08iXqq49ipmwlXm0S3mnhtXtaY+z4:fweIJRftr3nVMK8pF38gqFimdGfaX4
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral21 behavioral22
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-max.x64.dll
- Size
  
  1.4MB
- MD5
  
  54dd9c585fee9b75424a1b2fa3584828
- SHA1
  
  f9a73c62d2bda9993f986d2cffd032221a2100ac
- SHA256
  
  8db53b8aefd68e1bf4dfd3fbf65b71cd636fc25c433e42e9d9fed9ca6866905a
- SHA512
  
  466cfd47b99af39fb1b2ad04e052508df563c2742ee4a49e2ac5423d9138d28fc5f07bd7c87e57415345d6fc120f7a81ab7c0bc55a54fa7c0ebcbce61f32d770
- SSDEEP
  
  24576:bBgHR3EXWCdNwPvUlw2oXeiqt5hsWNoikNN0:SHsSvU2DXeiqt5WWqa
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral23 behavioral24
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-max.x86.dll
- Size
  
  1.1MB
- MD5
  
  564403d232ac0036429252d78345c463
- SHA1
  
  1ee91ad43fdd291c0a4d15603762ffa7f24e9f68
- SHA256
  
  4cee15302a5e78ca9221c1fa2206e7bf97322fdf40580dc2df506901c8ba5c61
- SHA512
  
  908d5b4fbbb58afa50feeafa4b04bb4573db8177d147347d485ce276e79974a9c64e804e2e4811a4a5f39c67380cafb32defe209424e3dacabcb08d7e2065e63
- SSDEEP
  
  24576:9UmExe7s3hUGZ4MSmeD0OkuyhsxxJ3GeBlpg0gyG+:9UBlSMNg0ThsxxJ3zm0
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral25 behavioral26
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-min.x64.dll
- Size
  
  305KB
- MD5
  
  691d313252b129f6ef9f949cf5aa383d
- SHA1
  
  87e28712a05932a194354d583e3829d49c77231c
- SHA256
  
  d091deec20b2066fb653f1e5d2473b9359852203e41322daa3d584261822d49d
- SHA512
  
  236eedded3e85c1541ce8e766041576908e2db9f1541d982acae688a58dfb262356f27d05f50af3b0526aaa2dcf38c3792943a0c5db2402540a61a237999983e
- SSDEEP
  
  3072:LKyp/Enkyg5+yr9E4C7ax49Ovsi9sARHGQJYGJKDQkRbTKEkfaGFAV6IgmG3FNrc:hp/ooIK2h7q4TAAQWnbTSCGFAlfioM
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  arsenal-kit/kits/mimikatz/mimikatz-min.x86.dll
- Size
  
  270KB
- MD5
  
  ed9fda842eb2549bb6017e69eb3d06ec
- SHA1
  
  242c7354e69527307c29c25f25c44b37ce40dfdf
- SHA256
  
  8ebe20638b2a474870cc0a3a3286ebe6a4b5062e24600ff0ea9de6af16548ee5
- SHA512
  
  43caf63b732338ec77a019e3e0503cafcd619600a277e3266a76305a5e2034969b0c61ae3443ff6260083b6dfbbf3ed69b40964e2975a3bdf64ee758c4314e3d
- SSDEEP
  
  3072:K8X625abdx3v/1TOg8Bb7wZxqjpsBUD65VZEW/ZpdG4E5RhjLsFx593FNb51sBoc:K8rEznxZ8Bwjq0EWhmiH5W6X
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral29 behavioral30
- Target
  
  arsenal-kit/kits/mutator/docker_mutator.sh
- Size
  
  868B
- MD5
  
  1c496177776c56ec482fc7bf6cd28886
- SHA1
  
  87ebc5769dc93db86cd8c51931c85438fe1231d5
- SHA256
  
  06d3143fff83da62b6952aec4875f5869445a5c9b35c7ebde97736681b01a304
- SHA512
  
  959380e293100861c68959c8645b571b4f1ac727e7da3e052bcd1a9810f85ca1124cbb24eb7c8373ce99b9125757984882bf90a4f8732239fd74c45307e2d54a
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32