Analyse score
9 antivirus venders flagged
this file as malicious
Signature
Signed file, invalid signature
Last scanned
First submission
File type
exe
9 antivirus venders flagged
this file as malicious
Signed file, invalid signature
exe
CRC32 | 0xf45b547b |
---|---|
MD5 | 8af476e24db8d3cd76b2d8d3d889bb5c |
Magic | PE32+ executable (console) x86-64, for MS Windows |
SHA1 | 3d62d29b8752da696caa9331f307e067bc371231 |
SHA256 | 9a3bf7ba676bf2f66b794f6cf27f8617f298caa4ccf2ac1ecdcbbef260306194 |
SHA512 | 465b25adc0144a6ac2e5f45e7c8eae2b2dc81ba45f0209b19935e7c0f63d3af6fc2f36a7e29c03cf087e0a3712858d2f945a8c25fa7a0606e2abdb80d2e0320c |
SSDeep | 24576:72n01WfpqNUCrEM3IwzDRH9VVuGjuT85c:72lpqSC4UIwzldVVuGjuTR |
Size | 996.65KB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Unicode |
---|---|
CodeSize | 604.50KB |
CompanyName | gentilkiwi (Benjamin DELPY) |
EntryPoint | 0x91458 |
ExifToolVersionNumber | 12.57 |
FileDescription | mimikatz for Windows |
FileFlags | Pre-release, Private build, Special build |
FileFlagsMask | 0x003f |
FileOs | Windows NT |
FileSize | 1021 kB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
mimikatz.exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!