Upload files

By using Saferwall you consent to our Terms of Service and Privacy Policy and allow us to share your submission with the security community. Learn more

Summary
Like

Analyse score

10/ 14

10 antivirus venders flagged
this file as malicious

Signature

Signed file, invalid signature

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0xaa5186ce

MD5

a3cb3b02a683275f7e0a0f8a9a5c9e07

Magic

PE32+ executable (console) x86-64, for MS Windows

SHA1

d241df7b9d2ec0b8194751cd5ce153e27cc40fa4

SHA256

31eb1de7e840a342fd468e558e5ab627bcb4c542a8fe01aec4d5ba01d539a0fc

SHA512

95a99fd1686bd5b01d3eb5b055d3cab900e6480d4e2360595b64d57c80e74daa4c14753fa2e0e224ea5c72735af3339fb72f7d9455f4feeb3e237e6c20866d96

SSDeep

24576:XOzE5EJgB1alEruZrnnDGgMsnPjKesPbqJgUe8MAm4rCNG/:XOSwrDzLj5O2JgUe8M0n/

Size

1.25MB

Packer
  • PE+(64): compiler: Microsoft Visual C/C++(2008 SP1)[-]
  • PE+(64): linker: Microsoft Linker(9.0)[EXE64,console,signed]
TrID
  • 83.7% (.CPL) Windows Control Panel Item (generic) (197083/11/60)
  • 7.0% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
  • 4.4% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 2.1% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 0.8% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CharacterSet

Unicode

CodeSize

806.50KB

CompanyName

gentilkiwi (Benjamin DELPY)

EntryPoint

0xc3aec

ExifToolVersionNumber

12.49

FileDescription

mimikatz for Windows

FileFlags

Pre-release, Private build, Special build

FileFlagsMask

0x003f

FileOs

Windows NT

FileSize

1309 kB

FileSubtype

0

FileType

Win64 EXE

FileTypeExtension

exe

FileVersion

2.2.0.0

FileVersionNumber

2.2.0.0

ImageFileCharacteristics

Executable, Large address aware

ImageVersion

0.0

InitializedDataSize

464.00KB

InternalName

mimikatz

LanguageCode

English (U.S.)

LegalCopyright

Copyright (c) 2007 - 2020 gentilkiwi (Benjamin DELPY)

LinkerVersion

9.0

MachineType

AMD AMD64

MimeType

application/octet-stream

ObjectFileType

Executable application

OriginalFileName

mimikatz.exe

OsVersion

5.2

PeType

PE32+

PrivateBuild

Build with love for POC only

ProductName

mimikatz

ProductVersion

2.2.0.0

ProductVersionNumber

2.2.0.0

Subsystem

Windows command line

SubsystemVersion

5.2

UninitializedDataSize

0

Submissions

Published Name Source Country
mimikatz.exe web
France