Mimikatz
Essential information
- Confidence
- 100/100
- Published
- 31/05/2017 23:32
- Modified
- 27/03/2026 01:07
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Related entities
- 17 attack patterns (mitre), 51 intrusion sets (apt), 9 campaign, 1 reports, 9 campaigns
Description
Marking (TLP)
Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets, tools and other entities linked to this tool.
Attack patterns (MITRE) (17)
-
T1003.002 usesSecurity Account Manager MITRE
-
T1555.003 usesCredentials from Web Browsers MITRE
-
Silver Ticket usesT1558.002 MITRE
-
T1098 usesAccount Manipulation MITRE
-
T1555.004 usesWindows Credential Manager MITRE
-
T1550.002 usesPass the Hash MITRE
-
-
-
T1134.005 MITRE
-
T1003.006 usesDCSync MITRE
-
T1552.004 usesPrivate Keys MITRE
-
T1003.001 usesLSASS Memory MITRE
Intrusion sets (APT) (51)
-
The MITRE Corporation Confidence 100
[GALLIUM](https://attack.mitre.org/groups/G0093) is a cyberespionage group that has been active since at least 2012, primarily targeting telecommunications companies, financial institutions, and government entities in Afghanistan, Australia, Belgium, Cambodia, Malaysia,…
First seen 01/01/1970 · Last seen 16/11/5138 · -
The MITRE Corporation Confidence 100
[Sandworm Team](https://attack.mitre.org/groups/G0034) is a destructive threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) Main Center for Special Technologies (GTsST) military unit 74455.(Citation:…
First seen 01/01/1970 · Last seen 16/11/5138 · -
The MITRE Corporation Confidence 100
[FIN13](https://attack.mitre.org/groups/G1016) is a financially motivated cyber threat group that has targeted the financial, retail, and hospitality industries in Mexico and Latin America, as early as 2016. [FIN13](https://attack.mitre.org/groups/G1016) achieves…
First seen 01/01/1970 · Last seen 16/11/5138 ·
Campaign (9)
-
C0032 uses
-
Triton Safety Instrumented System Attack uses
-
Operation Digital Eye uses
-
HomeLand Justice uses
-
C0018 uses
-
SolarWinds Compromise uses
-
SharePoint ToolShell Exploitation uses
-
C0017 uses
-
Operation Wocao uses
Reports (1)
-
Confidence 100 18 CVEs 200 MITREs 200 Malwares 20 APTs 26 Tools
Campaigns (9)
-
C0032
-
Triton Safety Instrumented System Attack
-
Operation Digital Eye
-
HomeLand Justice
-
C0018
-
SolarWinds Compromise
-
SharePoint ToolShell Exploitation
-
C0017
-
Operation Wocao