mimikatz.exe

mimikatz

Benjamin Delpy

The application mimikatz.exe, “mimikatz for Windows” by Benjamin Delpy, has been detected as adware by 36 anti-malware scanners.
Publisher:
gentilkiwi (Benjamin DELPY) (signed by Benjamin Delpy)

Product:
mimikatz

Description:
mimikatz for Windows

Version:
2.0.0.0

MD5:
49f1bbc77a5ce3c448e79cec2dceb11f

SHA-1:
79718d9c5943565f7c05b016a953366aa0266f6f

SHA-256:
1f9b053259c4f445695747ee02f5ed4e84b9462529d48d37657f023e511e54d5

Scanner detections:
36 / 68

Status:
Adware

Analysis date:
4/18/2024 10:56:29 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.519600 | 471
Agnitum Outpost | Exploit.Palsas | 7.1.1
AhnLab V3 Security | HackTool/Win32.Mimikatz | 2015.05.29
Avira AntiVirus | TR/Expl.Palsas.o | 8.3.1.6
AVG | Exploit | 2016.0.2949
Baidu Antivirus | Trojan.Win64.Palsas | 4.0.3.151021
Bitdefender | Gen:Variant.Kazy.519600 | 1.0.20.1470
Comodo Security | UnclassifiedMalware | 22258
Emsisoft Anti-Malware | Gen:Variant.Kazy.519600 | 8.15.10.21.11
ESET NOD32 | Win32/HackTool.Mimikatz.O potentially unsafe (variant) | 9.11700
Fortinet FortiGate | W32/Palsas.O!exploit | 10/21/2015
F-Prot | W32/Mimikatz.A.gen | v6.4.7.1.166
F-Secure | Gen:Variant.Kazy.519600 | 11.2015-21-10_4
G Data | Gen:Variant.Kazy.519600 | 15.10.25
IKARUS anti.virus | HackTool.Win32.Mikatz | t3scan.1.9.2.0
K7 AntiVirus | Unwanted-Program | 13.204.16059
Kaspersky | HackTool.Win32.Mimikatz | 14.0.0.1240
McAfee | HTool-Mimikatz | 5600.6605
Microsoft Security Essentials | HackTool:Win32/Mikatz | 1.1.11701.0
MicroWorld eScan | Gen:Variant.Kazy.519600 | 16.0.0.882
NANO AntiVirus | Exploit.Win32.Palsas.dfupkn | 0.30.24.1636
Norman | Mikatz.CERT | 11.20151021
nProtect | Trojan.Generic.11157218 | 14.05.15.01
Panda Antivirus | Trj/CI.A | 15.10.21.11
Qihoo 360 Security | Win32/Trojan.Exploit.30a | 1.0.0.1015
Quick Heal | HackTool.Mimikatz.r5 (Not a Virus) | 10.15.14.00
Reason Heuristics | PUP.BenjaminDelpy (M) | 15.10.21.23
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D[F1] | 23.00.65.151019
Sophos | Mimikatz Exploit Utility | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Suspicious | 9555
Trend Micro House Call | HKTL_MIMIKATZ | 7.2.294
Trend Micro | TROJ_GEN.R047C0EES15 | 10.465.21
Vba32 AntiVirus | Exploit.Palsas | 3.12.26.4
VIPRE Antivirus | Trojan.Win32.Generic | 40630
ViRobot | Trojan.Win32.S.Agent.189936.A[h] | 2014.3.20.0
Zillya! Antivirus | Exploit.Palsas.Win32.10 | 2.0.0.1790

File size:
134.2 KB (137,408 bytes)

Product version:
2.0.0.0

Copyright:
Copyright (c) 2007 - 2013 gentilkiwi (Benjamin DELPY)

Original file name:
mimikatz.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
6/28/2011 2:46:16 AM

Valid to:
6/28/2014 2:46:16 AM

Subject:
CN=Benjamin Delpy, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112169417A1C3EF46A301F99385F50680FA0

File PE Metadata
Compilation timestamp:
10/29/2013 3:02:16 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:LPJfvPTZnYBrPTvMrL/8OgJ/h+nImRuGjVAEkIjeG7KZBYlrX1bWgUsNlDQjLf1:L9vPlS5wVcT1

Entry address:
0xAFB2

Entry point:
E8, 0C, 26, 00, 00, E9, CD, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, C0, D0, 41, 00, 89, 0D, BC, D0, 41, 00, 89, 15, B8, D0, 41, 00, 89, 1D, B4, D0, 41, 00, 89, 35, B0, D0, 41, 00, 89, 3D, AC, D0, 41, 00, 66, 8C, 15, D8, D0, 41, 00, 66, 8C, 0D, CC, D0, 41, 00, 66, 8C, 1D, A8, D0, 41, 00, 66, 8C, 05, A4, D0, 41, 00, 66, 8C, 25, A0, D0, 41, 00, 66, 8C, 2D, 9C, D0, 41, 00, 9C, 8F, 05, D0, D0, 41, 00, 8B, 45, 00, A3, C4, D0, 41, 00, 8B, 45, 04, A3, C8, D0, 41, 00, 8D, 45, 08, A3, D4, D0, 41...
Entropy:
6.2175

Code size:
56.5 KB (57,856 bytes)
