Domain Cached Credentials 2 not working.
#1
Hey guys. I was able to capture some cached credentials (my own) by using creddump's cachedump funktion. 

The output looked like this: user:hash:domain:proxy (at least I'm pretty sure it's the proxy). 

Now I know it has to be DCC2, since it's running on Windows 7 but if I enter this in hashcat I get: 
"Signature unmatched".

If I try to crack it with DCC I have to change the hash into 'hash:user'. It may run this way, but it does not find any PW. Since I know the password and entered it into my wordlist, it should find it if it was DCC. 

So can anyone tell me what I'm doing wrong and maybe help me in identifying the hash type?

Thanks in advance!
#2
https://hashcat.net/wiki/doku.php?id=example_hashes

should be like that

$DCC2$10240#USER#12adf123dc123c12c12fed1234b12345
#3
Yes I know, that's why I'm asking what hash it could be Smile

So I used the DCC2 template and added my user and hash and now it works. Thanks!
#4
post what command are u using + if u want u can send me the creds(hash) and the password in a pm to see if the issue happen to me to