Common Information
| Type | Value |
|---|---|
| Value |
invoke-mimikatz.ps1 |
| Category | |
| Type | File |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-09-20 | 143 | Twelve: from initial compromise to ransomware and wipers | ||
| Details | Website | 2024-08-13 | 15 | SSH Tunnelling to Punch Through Corporate Firewalls - Updated take on one of the oldest LOLBINs | JUMPSEC LABS | ||
| Details | 2024-05-20 | 282 | Ландшафт киберугроз | |||
| Details | Website | 2023-10-30 | 25 | Validating detection for Gootloader with Atomic Red Team | ||
| Details | Website | 2023-03-24 | 45 | Data Exfiltration Tips/Tricks | ||
| Details | Website | 2023-01-09 | 43 | ATTACKING ACTIVE DIRECTORY | ||
| Details | Website | 2022-08-10 | 17 | Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack | ||
| Details | 2020-09-28 | 69 | 28 JULY 2020 MI-000130-MW WE NEED YOUR HELP! Indicators Associated with Netwalker Ransomware | |||
| Details | 2019-12-18 | 141 | Operation Wocao Shining a light on one of China’s hidden hacking groups | |||
| Details | Website | 2019-09-23 | 6 | GitHub - peewpw/Invoke-PSImage: Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute | ||
| Details | Website | 2019-08-27 | 103 | China Chopper still active 9 years later | ||
| Details | 2019-08-13 | 284 | MacProStorage02:_2019CLF:Bitdefender-Whitepaper-Hard-creat3095-A4-v2-en_EN:Bitdefender-Whitepaper-Hard-creat3095-A4-v2-en_EN.indd | |||
| Details | Website | 2018-11-06 | 15 | Running PowerShell on Azure VMs at Scale | ||
| Details | Website | 2018-07-10 | 3 | Current state of malicious Powershell script blocking - MRG Effitas | ||
| Details | Website | 2018-05-15 | 20 | Lateral Movement – WinRM | ||
| Details | Website | 2018-02-15 | 43 | SamSam Ransomware Campaigns | ||
| Details | Website | 2018-01-02 | 15 | Command and Control – Images | ||
| Details | Website | 2017-10-13 | 12 | Hunting Mimikatz Using Sysmon + ELK - Part 2 of Series | ||
| Details | Website | 2017-10-02 | 8 | Command and Control – Kernel | ||
| Details | Website | 2017-03-22 | 12 | Chronicles of a Threat Hunter: Hunting for In-Memory Mimikatz with Sysmon and ELK - Part II (Event ID 10) | ||
| Details | 2016-12-12 | 152 | A Hunting Story | |||
| Details | Website | 2016-08-09 | 4 | Toolsmith In-depth Analysis: ProcFilter - YARA-integrated Windows process denial framework | ||
| Details | Website | 2015-09-28 | 12 | 使用Invoke-Mimikatz.ps1批量获取windows密码 | ||
| Details | Website | 2015-07-27 | 20 | Auto-Dumping Domain Credentials using SPNs, PowerShell Remoting, and Mimikatz | ||
| Details | Website | 2015-05-01 | 14 | toolsmith: Attack & Detection: Hunting in-memory adversaries with Rekall and WinPmem |