HOMETHREATSMimiKatz
APT / THREAT GROUP

MimiKatz

2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Varonis summarizes Mimikatz as an open-source application that allows users to view and save authentication credentials like Kerberos tickets. Benjamin Delpy continues to lead Mimikatz developments, so the toolset works with the current release of Windows and includes the most up-to-date attacks.

Attackers commonly use Mimikatz to steal credentials and escalate privileges: in most cases, endpoint protection software and anti-virus systems will detect and delete it. Conversely, pentesters use Mimikatz to detect and exploit vulnerabilities in your networks so you can fix them.

Threat Analysis

MimiKatz is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Intelligence Reports Mentioning MimiKatz

External References

Quick Facts

TypeAPT / Threat Group
Aliases2

Also Known As

MimiKatzwin.mimikatz

External Intelligence

Malpedia: win.mimikatz

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.