| SYMBOL | COMMON_NAME | aka. SYNONYMS |
win.mimikatz (Back to overview)
MimiKatz
Actor(s): APT32, Anunak, GALLIUM
Varonis summarizes Mimikatz as an open-source application that allows users to view and save authentication credentials like Kerberos tickets. Benjamin Delpy continues to lead Mimikatz developments, so the toolset works with the current release of Windows and includes the most up-to-date attacks.
Attackers commonly use Mimikatz to steal credentials and escalate privileges: in most cases, endpoint protection software and anti-virus systems will detect and delete it. Conversely, pentesters use Mimikatz to detect and exploit vulnerabilities in your networks so you can fix them.
References
| 2025-03-20
⋅
Cisco Talos
⋅
UAT-5918 targets critical infrastructure entities in Taiwan LaZagne JuicyPotato Meterpreter MimiKatz UAT-5918 |
| 2024-10-30
⋅
Palo Alto Networks Unit 42
⋅
Jumpy Pisces Engages in Play Ransomware Dtrack MimiKatz PLAY Sliver |
| 2024-09-22
⋅
BushidoToken
⋅
The Russian APT Tool Matrix MimiKatz reGeorg |
| 2024-08-29
⋅
Securonix
⋅
From Cobalt Strike to Mimikatz: A Deep Dive into the SLOW#TEMPEST Campaign Targeting Chinese Users Cobalt Strike MimiKatz |
| 2024-05-23
⋅
Palo Alto Networks Unit 42
⋅
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043 |
| 2023-10-26
⋅
⋅
ANSSI
⋅
Attack Campaigns of APT28 since 2021 CredoMap DriveOcean Empire Downloader Graphite MimiKatz Mocky LNK reGeorg |
| 2023-10-10
⋅
Symantec
⋅
Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan Cobalt Strike Havoc MimiKatz Grayling |
| 2023-09-22
⋅
Palo Alto Networks Unit 42
⋅
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda Cobalt Strike MimiKatz RemCom ShadowPad TONESHELL |
| 2023-09-12
⋅
⋅
ANSSI
⋅
FIN12: A Cybercriminal Group with Multiple Ransomware BlackCat Cobalt Strike Conti Hive MimiKatz Nokoyawa Ransomware PLAY Royal Ransom Ryuk SystemBC |
| 2023-09-07
⋅
CISA
⋅
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Meterpreter MimiKatz |
| 2023-08-22
⋅
⋅
AhnLab
⋅
Analyzing the new attack activity of the Andariel group Andardoor MimiKatz QuiteRAT Tiger RAT Volgmer |
| 2023-08-22
⋅
AhnLab
⋅
Analysis of APT Attack Cases Targeting Web Services of Korean Corporations Ladon Meterpreter MimiKatz Dalbit |
| 2023-04-12
⋅
Kaspersky Labs
⋅
Following the Lazarus group by tracking DeathNote campaign Bankshot BLINDINGCAN ForestTiger LambLoad LPEClient MimiKatz NedDnLoader Racket Downloader Volgmer |
| 2023-04-03
⋅
Mandiant
⋅
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access LaZagne BlackCat MimiKatz |
| 2023-03-16
⋅
Palo Alto Networks Unit 42
⋅
Bee-Ware of Trigona, An Emerging Ransomware Strain Cryakl MimiKatz Trigona |
| 2023-02-13
⋅
AhnLab
⋅
Dalbit (m00nlight): Chinese Hacker Group’s APT Attack Campaign Godzilla Webshell ASPXSpy BlueShell CHINACHOPPER Cobalt Strike Ladon MimiKatz Dalbit |
| 2023-01-23
⋅
Kroll
⋅
Black Basta – Technical Analysis Black Basta Cobalt Strike MimiKatz QakBot SystemBC |
| 2023-01-05
⋅
Symantec
⋅
Bluebottle: Campaign Hits Banks in French-speaking Countries in Africa CloudEyE Cobalt Strike MimiKatz NetWire RC POORTRY Quasar RAT BlueBottle |
| 2022-11-09
⋅
Trend Micro
⋅
Hack the Real Box: APT41’s New Subgroup Earth Longzhi Cobalt Strike MimiKatz Earth Longzhi |
| 2022-10-18
⋅
Intrinsec
⋅
APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis HyperBro MimiKatz |
| 2022-10-11
⋅
⋅
AhnLab
⋅
From Exchange Server vulnerability to ransomware infection in just 7 days LockBit MimiKatz |
| 2022-09-29
⋅
Symantec
⋅
Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East CHINACHOPPER Lookback MimiKatz PlugX Unidentified 096 (Keylogger) x4 Witchetty |
| 2022-09-13
⋅
Symantec
⋅
New Wave of Espionage Activity Targets Asian Governments MimiKatz PlugX Quasar RAT ShadowPad Trochilus RAT |
| 2022-09-08
⋅
Cisco Talos
⋅
Lazarus and the tale of three RATs MagicRAT MimiKatz VSingle YamaBot |
| 2022-09-07
⋅
Blackberry
⋅
The Curious Case of “Monti” Ransomware: A Real-World Doppelganger Conti MimiKatz Veeam Dumper |
| 2022-09-06
⋅
ESET Research
⋅
Worok: The big picture MimiKatz PNGLoad reGeorg ShadowPad Worok |
| 2022-09-01
⋅
Trend Micro
⋅
Ransomware Spotlight Black Basta Black Basta Cobalt Strike MimiKatz QakBot |
| 2022-08-25
⋅
Microsoft
⋅
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz |
| 2022-08-18
⋅
Sophos
⋅
Cookie stealing: the new perimeter bypass Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT |
| 2022-08-15
⋅
SentinelOne
⋅
Detecting a Rogue Domain Controller – DCShadow Attack MimiKatz TrickBot |
| 2022-07-27
⋅
ReversingLabs
⋅
Threat analysis: Follina exploit fuels 'live-off-the-land' attacks Cobalt Strike MimiKatz |
| 2022-07-26
⋅
Microsoft
⋅
Malicious IIS extensions quietly open persistent backdoors into servers CHINACHOPPER MimiKatz |
| 2022-07-26
⋅
Mandiant
⋅
Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers Clop Industroyer MimiKatz Triton |
| 2022-07-18
⋅
Palo Alto Networks Unit 42
⋅
Obscure Serpens Cobalt Strike Empire Downloader Meterpreter MimiKatz DarkHydrus |
| 2022-07-18
⋅
Censys
⋅
Russian Ransomware C2 Network Discovered in Censys Data Cobalt Strike DeimosC2 MimiKatz PoshC2 |
| 2022-06-30
⋅
Kaspersky
⋅
The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact MimiKatz Owlproxy SessionManager |
| 2022-06-21
⋅
Cisco Talos
⋅
Avos ransomware group expands with new attack arsenal AvosLocker Cobalt Strike DarkComet MimiKatz |
| 2022-06-20
⋅
⋅
Infinitum IT
⋅
Charming Kitten (APT35) LaZagne DownPaper MimiKatz pupy |
| 2022-06-03
⋅
AttackIQ
⋅
Attack Graph Response to US CERT AA22-152A: Karakurt Data Extortion Group Cobalt Strike MimiKatz |
| 2022-06-02
⋅
Mandiant
⋅
To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions FAKEUPDATES Blister Cobalt Strike DoppelPaymer Dridex FriedEx Hades LockBit Macaw MimiKatz Phoenix Locker WastedLocker |
| 2022-06-01
⋅
CISA
⋅
Joint Cybersecurity Advisory (Product ID AA22-152A): Karakurt Data Extortion Group MimiKatz |
| 2022-06-01
⋅
CISA
⋅
Alert (AA22-152A): Karakurt Data Extortion Group MimiKatz |
| 2022-06-01
⋅
Elastic
⋅
CUBA Ransomware Campaign Analysis Cobalt Strike Cuba Meterpreter MimiKatz SystemBC |
| 2022-05-17
⋅
Trend Micro
⋅
Ransomware Spotlight: RansomEXX LaZagne Cobalt Strike IcedID MimiKatz PyXie RansomEXX TrickBot |
| 2022-04-27
⋅
⋅
ANSSI
⋅
LE GROUPE CYBERCRIMINEL FIN7 Bateleur BELLHOP Griffon SQLRat POWERSOURCE Andromeda BABYMETAL BlackCat BlackMatter BOOSTWRITE Carbanak Cobalt Strike DNSMessenger Dridex DRIFTPIN Gameover P2P MimiKatz Murofet Qadars Ranbyus SocksBot |
| 2022-04-19
⋅
Varonis
⋅
Hive Ransomware Analysis Cobalt Strike Hive MimiKatz |
| 2022-04-08
⋅
Infinitum Labs
⋅
Threat Spotlight: Conti Ransomware Group Behind the Karakurt Hacking Team Cobalt Strike MimiKatz |
| 2022-04-07
⋅
splunk
⋅
You Bet Your Lsass: Hunting LSASS Access Cobalt Strike MimiKatz |
| 2022-04-05
⋅
Symantec
⋅
Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity MimiKatz SodaMaster |
| 2022-04-05
⋅
Symantec
⋅
Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity MimiKatz APT10 |
| 2022-03-25
⋅
Dragos
⋅
How Dragos Activity Groups Obtain Initial Access into Industrial Environments MimiKatz |
| 2022-03-09
⋅
BreachQuest
⋅
The Conti Leaks | Insight into a Ransomware Unicorn Cobalt Strike MimiKatz TrickBot |
| 2022-03-01
⋅
VirusTotal
⋅
VirusTotal's 2021 Malware Trends Report Anubis AsyncRAT BlackMatter Cobalt Strike DanaBot Dridex Khonsari MimiKatz Mirai Nanocore RAT Orcus RAT |
| 2022-02-03
⋅
Symantec
⋅
Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan MimiKatz xPack Antlion |
| 2021-12-14
⋅
Symantec
⋅
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia MimiKatz |
| 2021-12-06
⋅
Microsoft
⋅
NICKEL targeting government organizations across Latin America and Europe MimiKatz |
| 2021-12-06
⋅
Notice of Pleadings
⋅
Complaint filed by Microsoft against NICKEL/APT15 MimiKatz |
| 2021-12-06
⋅
PARAFLARE
⋅
Attack Lifecycle Detection of an Operational Technology Breach MimiKatz |
| 2021-11-18
⋅
Microsoft
⋅
Iranian targeting of IT sector on the rise MimiKatz ShellClient RAT Cuboid Sandstorm |
| 2021-11-05
⋅
Twitter (@inversecos)
⋅
TTPs used by Pysa Ransonmware group Mespinoza MimiKatz |
| 2021-11-01
⋅
Accenture
⋅
Diving into double extortion campaigns Cobalt Strike MimiKatz |
| 2021-10-25
⋅
CrowdStrike
⋅
OverWatch Elite In Action: Prompt Call Escalation Proves Vital to Containing Attack MimiKatz |
| 2021-10-15
⋅
Volatility Labs
⋅
Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack MimiKatz |
| 2021-10-11
⋅
Accenture
⋅
Moving Left of the Ransomware Boom REvil Cobalt Strike MimiKatz RagnarLocker REvil |
| 2021-09-24
⋅
Trend Micro
⋅
Examining the Cring Ransomware Techniques Cobalt Strike Cring MimiKatz |
| 2021-09-21
⋅
eSentire
⋅
Ransomware Hackers Attack a Top Safety Testing Org. Using Tactics and Techniques Borrowed from Chinese Espionage Groups Cobalt Strike MimiKatz UNC215 |
| 2021-09-14
⋅
McAfee
⋅
Operation ‘Harvest’: A Deep Dive into a Long-term Campaign MimiKatz PlugX Winnti |
| 2021-09-09
⋅
Symantec
⋅
Grayfly: Chinese Threat Actor Uses Newly-discovered Sidewalk Malware CROSSWALK MimiKatz SideWalk |
| 2021-08-30
⋅
⋅
Qianxin
⋅
Operation (Thủy Tinh) OceanStorm: The evil lotus hidden under the abyss Cobalt Strike MimiKatz |
| 2021-08-23
⋅
FBI
⋅
Indicators of Compromise Associated with OnePercent Group Ransomware Cobalt Strike MimiKatz |
| 2021-08-15
⋅
Symantec
⋅
The Ransomware Threat Babuk BlackMatter DarkSide Avaddon Babuk BADHATCH BazarBackdoor BlackMatter Clop Cobalt Strike Conti DarkSide DoppelPaymer Egregor Emotet FiveHands FriedEx Hades IcedID LockBit Maze MegaCortex MimiKatz QakBot RagnarLocker REvil Ryuk TrickBot WastedLocker |
| 2021-08-10
⋅
FireEye
⋅
UNC215: Spotlight on a Chinese Espionage Campaign in Israel HyperBro HyperSSL MimiKatz |
| 2021-08-03
⋅
Cybereason
⋅
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos CHINACHOPPER Cobalt Strike MimiKatz Nebulae |
| 2021-07-20
⋅
Secureworks
⋅
Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran CHINACHOPPER MimiKatz RGDoor |
| 2021-06-29
⋅
Accenture
⋅
HADES ransomware operators continue attacks Cobalt Strike Hades MimiKatz |
| 2021-05-18
⋅
Sophos
⋅
The Active Adversary Playbook 2021 Cobalt Strike MimiKatz |
| 2021-05-13
⋅
AWAKE
⋅
Catching the White Stork in Flight Cobalt Strike MimiKatz RMS |
| 2021-04-27
⋅
Trend Micro
⋅
Legitimate Tools Weaponized for Ransomware in 2021 Cobalt Strike MimiKatz |
| 2021-03-31
⋅
Red Canary
⋅
2021 Threat Detection Report Shlayer Andromeda Cobalt Strike Dridex Emotet IcedID MimiKatz QakBot TrickBot |
| 2021-03-21
⋅
Blackberry
⋅
2021 Threat Report Bashlite FritzFrog IPStorm Mirai Tsunami elf.wellmess AppleJeus Dacls EvilQuest Manuscrypt Astaroth BazarBackdoor Cerber Cobalt Strike Emotet FinFisher RAT Kwampirs MimiKatz NjRAT Ryuk SmokeLoader TrickBot |
| 2021-03-19
⋅
Bundesamt für Sicherheit in der Informationstechnik
⋅
Microsoft Exchange Schwachstellen Detektion und Reaktion (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) CHINACHOPPER MimiKatz |
| 2021-03-11
⋅
DEVO
⋅
Detection and Investigation Using Devo: HAFNIUM 0-day Exploits on Microsoft Exchange Service CHINACHOPPER MimiKatz |
| 2021-03-10
⋅
ESET Research
⋅
Exchange servers under siege from at least 10 APT groups Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda |
| 2021-03-08
⋅
Symantec
⋅
How Symantec Stops Microsoft Exchange Server Attacks CHINACHOPPER MimiKatz |
| 2021-02-26
⋅
CrowdStrike
⋅
Hypervisor Jackpotting: CARBON SPIDER and SPRITE SPIDER Target ESXi Servers With Ransomware to Maximize Impact DarkSide RansomEXX Griffon Carbanak Cobalt Strike DarkSide IcedID MimiKatz PyXie RansomEXX REvil |
| 2021-01-29
⋅
Trend Micro
⋅
Chopper ASPX web shell used in targeted attack CHINACHOPPER MimiKatz |
| 2021-01-26
⋅
Twitter (@swisscom_csirt)
⋅
Tweet on Cring Ransomware groups using customized Mimikatz sample followed by CobaltStrike and dropping Cring rasomware Cobalt Strike Cring MimiKatz |
| 2021-01-18
⋅
⋅
Bundesamt für Verfassungsschutz
⋅
BfV Cyber-Brief Nr. 01/2021 : Vorgehensweise von APT31 MimiKatz |
| 2021-01-15
⋅
Swisscom
⋅
Cracking a Soft Cell is Harder Than You Think Ghost RAT MimiKatz PlugX Poison Ivy Trochilus RAT |
| 2021-01-01
⋅
Threat Profile: GOLD DRAKE Cobalt Strike Dridex FriedEx Koadic MimiKatz WastedLocker Evil Corp |
| 2021-01-01
⋅
Secureworks
⋅
Threat Profile: GOLD FRANKLIN Grateful POS Meterpreter MimiKatz RemCom FIN6 |
| 2021-01-01
⋅
Secureworks
⋅
Threat Profile: GOLD BURLAP Empire Downloader Mespinoza MimiKatz GOLD BURLAP |
| 2020-12-21
⋅
⋅
SlideShare (yurikamuraki5)
⋅
Active Directory 侵害と推奨対策 MimiKatz |
| 2020-12-15
⋅
HvS-Consulting AG
⋅
Greetings from Lazarus: Anatomy of a cyber espionage campaign BLINDINGCAN MimiKatz Lazarus Group |
| 2020-12-15
⋅
HvS-Consulting AG
⋅
Greetings from Lazarus Anatomy of a cyber espionage campaign BLINDINGCAN HTTP(S) uploader MimiKatz |
| 2020-12-09
⋅
Avast Decoded
⋅
APT Group Targeting Governmental Agencies in East Asia LaZagne Albaniiutas HyperBro MimiKatz PolPo Tmanger TaskMasters |
| 2020-12-04
⋅
Theta
⋅
Snakes & Ladders: the offensive use of Python on Windows MimiKatz |
| 2020-11-30
⋅
FireEye
⋅
It's not FINished The Evolving Maturity in Ransomware Operations Cobalt Strike DoppelPaymer MimiKatz QakBot REvil |
| 2020-11-30
⋅
Yoroi
⋅
Shadows From The Past Threaten Italian Enterprises Rekoobe LaZagne Responder MimiKatz win.rekoobe |
| 2020-11-27
⋅
PTSecurity
⋅
Investigation with a twist: an accidental APT attack and averted data destruction TwoFace CHINACHOPPER HyperBro MegaCortex MimiKatz |
| 2020-10-23
⋅
F-Secure Labs
⋅
Catching Lazarus: Threat Intelligence to Real Detection Logic - Part Two MimiKatz |
| 2020-10-20
⋅
F-Secure
⋅
Incident Readiness: Preparing a proactive response to attacks MimiKatz |
| 2020-10-01
⋅
US-CERT
⋅
Alert (AA20-275A): Potential for China Cyber Response to Heightened U.S.-China Tensions CHINACHOPPER Cobalt Strike Empire Downloader MimiKatz Poison Ivy |
| 2020-09-17
⋅
FBI
⋅
FBI PIN Number 20200917-001: IRGC-Associated Cyber Operations Against US Company Networks MimiKatz Nanocore RAT |
| 2020-08-31
⋅
The DFIR Report
⋅
NetWalker Ransomware in 1 Hour Cobalt Strike Mailto MimiKatz |
| 2020-08-10
⋅
ZDNet
⋅
FBI says an Iranian hacking group is attacking F5 networking devices MimiKatz |
| 2020-08-06
⋅
Wired
⋅
Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry Cobalt Strike MimiKatz Winnti Red Charon |
| 2020-08-04
⋅
BlackHat
⋅
Operation Chimera - APT Operation Targets Semiconductor Vendors Cobalt Strike MimiKatz Winnti Red Charon |
| 2020-06-24
⋅
BRONZE VINEWOOD Targets Supply Chains MimiKatz Trochilus RAT APT31 |
| 2020-06-18
⋅
⋅
Bundesamt für Verfassungsschutz
⋅
BfV Cyber-BriefNr. 01/2020 - Hinweis auf aktuelle Angriffskampagne Ketrican MimiKatz |
| 2020-05-28
⋅
Kaspersky Labs
⋅
Steganography in targeted attacks on industrial enterprises MimiKatz |
| 2020-05-27
⋅
FBI
⋅
Alert Number MI-000148-MW: APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity MimiKatz |
| 2020-05-21
⋅
ESET Research
⋅
No “Game over” for the Winnti Group ACEHASH HTran MimiKatz PipeMon |
| 2020-05-21
⋅
Bitdefender
⋅
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia MimiKatz Remexi |
| 2020-05-14
⋅
Lab52
⋅
The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey Cobalt Strike HTran MimiKatz PlugX Quasar RAT |
| 2020-05-14
⋅
Avast Decoded
⋅
APT Group Planted Backdoors Targeting High Profile Networks in Central Asia BYEBY Ghost RAT Microcin MimiKatz Vicious Panda |
| 2020-05-07
⋅
REDTEAM.PL
⋅
Sodinokibi / REvil ransomware Maze MimiKatz REvil |
| 2020-04-16
⋅
Medium CyCraft
⋅
Taiwan High-Tech Ecosystem Targeted by Foreign APT Group: Digital Skeleton Key Bypasses Security Measures Cobalt Strike MimiKatz Red Charon |
| 2020-03-05
⋅
Microsoft
⋅
Human-operated ransomware attacks: A preventable disaster Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor PARINACOTA |
| 2020-02-21
⋅
ADEO DFIR
⋅
APT10 Threat Analysis Report CHINACHOPPER HTran MimiKatz PlugX Quasar RAT |
| 2020-02-19
⋅
Lexfo
⋅
The Lazarus Constellation A study on North Korean malware FastCash AppleJeus BADCALL Bankshot Brambul Dtrack Duuzer DYEPACK ELECTRICFISH HARDRAIN Hermes HOPLIGHT Joanap KEYMARBLE Kimsuky MimiKatz MyDoom NACHOCHEESE NavRAT PowerRatankba RokRAT Sierra(Alfa,Bravo, ...) Volgmer WannaCryptor |
| 2020-02-18
⋅
Cisco Talos
⋅
Building a bypass with MSBuild Cobalt Strike GRUNT MimiKatz |
| 2020-02-02
⋅
uf0 Blog
⋅
Uncovering Mimikatz ‘msv’ and collecting credentials through PyKD MimiKatz |
| 2020-01-01
⋅
Secureworks
⋅
BRONZE ATLAS Speculoos Winnti ACEHASH CCleaner Backdoor CHINACHOPPER Empire Downloader HTran MimiKatz PlugX Winnti APT41 |
| 2020-01-01
⋅
Secureworks
⋅
BRONZE VINEWOOD MimiKatz Trochilus RAT APT31 |
| 2020-01-01
⋅
Secureworks
⋅
COBALT HICKMAN MimiKatz Remexi APT39 |
| 2020-01-01
⋅
Secureworks
⋅
GOLD DRAKE Dridex Empire Downloader FriedEx Koadic MimiKatz |
| 2020-01-01
⋅
Secureworks
⋅
GOLD KINGSWOOD More_eggs ATMSpitter Cobalt Strike CobInt MimiKatz |
| 2020-01-01
⋅
Secureworks
⋅
TIN WOODLAWN Cobalt Strike KerrDown MimiKatz PHOREAL RatSnif Remy SOUNDBITE APT32 |
| 2020-01-01
⋅
Secureworks
⋅
GOLD KINGSWOOD More_eggs ATMSpitter Cobalt Strike CobInt MimiKatz Cobalt |
| 2019-12-12
⋅
Microsoft
⋅
GALLIUM: Targeting global telecom CHINACHOPPER Ghost RAT HTran MimiKatz Poison Ivy GALLIUM |
| 2019-11-19
⋅
FireEye
⋅
Achievement Unlocked: Chinese Cyber Espionage Evolves to Support Higher Level Missions MESSAGETAP TSCookie ACEHASH CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT HIGHNOON HTran MimiKatz NetWire RC POISONPLUG Poison Ivy pupy Quasar RAT ZXShell |
| 2019-09-23
⋅
MITRE
⋅
APT41 Derusbi MESSAGETAP Winnti ASPXSpy BLACKCOFFEE CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT MimiKatz NjRAT PlugX ShadowPad Winnti ZXShell APT41 |
| 2019-06-25
⋅
Cybereason
⋅
OPERATION SOFT CELL: A WORLDWIDE CAMPAIGN AGAINST TELECOMMUNICATIONS PROVIDERS CHINACHOPPER HTran MimiKatz Poison Ivy Operation Soft Cell |
| 2019-05-10
⋅
XPN Blog
⋅
Exploring Mimikatz - Part 1 - WDigest MimiKatz |
| 2019-04-04
⋅
CrowdStrike
⋅
Mimikatz in the Wild: Bypassing Signature-Based Detections Using the “AK47 of Cyber” MimiKatz |
| 2019-03-27
⋅
Symantec
⋅
Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S. DarkComet MimiKatz Nanocore RAT NetWire RC pupy Quasar RAT Remcos StoneDrill TURNEDUP APT33 |
| 2019-01-04
⋅
Github (gentilkiwi)
⋅
mimikatz Repository MimiKatz |
| 2018-07-25
⋅
Symantec
⋅
Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions Imecab MimiKatz Sorgu RASPITE |
| 2018-02-28
⋅
Symantec
⋅
Chafer: Latest Attacks Reveal Heightened Ambitions MimiKatz Remexi |
| 2018-02-15
⋅
Secureworks
⋅
SamSam Ransomware Campaigns MimiKatz reGeorg SamSam BOSS SPIDER |
| 2017-12-04
⋅
RSA
⋅
The Shadows of Ghosts Inside the response of a unique Carbanak intrusion GOTROJ MimiKatz |
| 2017-11-09
⋅
Wired
⋅
He Perfected a Password-Hacking Tool—Then the Russians Came Calling MimiKatz |
| 2017-05-31
⋅
MITRE
⋅
Sandworm Team CyclopsBlink Exaramel BlackEnergy EternalPetya Exaramel GreyEnergy KillDisk MimiKatz Olympic Destroyer Sandworm |
| 2017-05-31
⋅
MITRE
⋅
PittyTiger Enfal Ghost RAT MimiKatz Poison Ivy APT24 |
| 2017-02-27
⋅
Symantec
⋅
Shamoon: Multi-staged destructive attacks limited to specific targets DistTrack MimiKatz Rocket Kitten |
| 2016-10-11
⋅
Symantec
⋅
Odinaff: New Trojan used in high level financial attacks Cobalt Strike KLRD MimiKatz Odinaff |
| 2016-03-30
⋅
Secureworks
⋅
Ransomware Deployed by Adversary with Established Foothold MimiKatz reGeorg SamSam BOSS SPIDER |
| 2011-04-28
⋅
Un observateur d’événements aveugle… MimiKatz |