Keyword: hktl_mimikatz64
Retrieve user credentials using the mimikatz library; Take a screenshot and send it to the C&C server; Run VNC plugin; Uninstall bot; List all running processes; Initiate a reverse shell to the server. It reads
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires being executed with a specific
%Windows%\miagration\svschost.xml %Windows%\miagration\spoolsrv.xml %Windows%\dispmrroe\Corporate\vfshost.exe -> Mimikatz component %Windows%\dispmrroe\Corporate\mimidrv.sys %Windows%\dispmrroe
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It takes advantage of certain vulnerabilities. Arrival
Mimikatz Other Details This Coinminer connects to the following website to send and receive information: {BLOCKED}.{BLOCKED}.127.157:8000/api.php?data={stolen credentials} node.{BLOCKED}v.com/api.php?data=
Execute mimikatz It does not exploit any vulnerability. Backdoor:Win32/Patpoopy.A (Microsoft); Trojan.Win64.Shelma.azu (Kaspersky) Downloaded from the Internet Connects to URLs/IPs
the following: It creates the following WMI Class under root\default: systemcore_Updater6 WMI objects: funs = {base64 encoded script} mimi = Mimikatz Trojan.Powershell.Agent.DR(BITDEFENDER) Downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a
provides additional information for and control of connected BusyLights system environment - provides the ability to manage system environment variables rpc - provides remote control of mimikatz sr98 - RF
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
Description Name: MIMIKATZ SHELL - TCP. This is the Trend Micro detection for packets passing through TCP network protocols that manifest unusual behavior, which can be a potential intrusion. Below are some indicators of unusual behavior: Suspicious acti...
Description Name: MIMIKATZ SHELL - HTTP(RESPONSE). This is the Trend Micro detection for packets passing through HTTP network protocols that manifest unusual behavior, which can be a potential intrusion. Below are some indicators of unusual behavior: Sus...
This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user. It
This hacking tool may be manually installed by a user. It does not have any propagation routine. It does not have any backdoor routine. It does not have any information-stealing capability. Arrival