Backdoor.Mimikatz.CO

By CagedTech in Backdoors

Threat Scorecard

Popularity Rank:	13,626
Threat Level:	60 % (Medium)
Infected Computers:	99

First Seen:	March 30, 2022
Last Seen:	November 1, 2025
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Backdoor.Mimikatz.CO
Signature status:	No Signature

Known Samples

MD5: 99ef53d52b31b079bbc605798bdf597b

SHA1: f93d900b94b4ee3007a71e25af673faf6b4e8d40

SHA256: 88F5854CB18AEE4D005665E088627850E66C1A58CF8EB720DA04EEB5374AA012

File Size: 1.54 MB, 1538560 bytes

MD5: 31414f9cced370b9f8485f57ee7c96f5

SHA1: 522c160542dd3239fe59a906854637d91fa55992

SHA256: 8EACE2C3799251D0AE8167DFE08A6F8FBFA11AA05DBDD8269B0652E35CB171AD

File Size: 1.68 MB, 1684992 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have security information
File has exports table
File has TLS information
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)

IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

Block Information

Total Blocks:	5,214
Potentially Malicious Blocks:	2,291
Whitelisted Blocks:	2,865
Unknown Blocks:	58

Visual Map

? 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x x x x x x x 0 x x 0 x x x 0 x x x x 0 0 0 x x x 0 x x x x x x x x x x x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 x x 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x ? 0 0 0 0 x 0 0 0 0 0 x x 0 0 x 0 x x 0 x x x x 0 x x x 0 x x 0 x 0 0 0 0 x 0 x 0 0 0 0 0 0 0 x 0 0 x 0 0 0 x 0 0 x 0 x x x x 0 0 0 0 ? 0 0 x 0 1 0 0 0 x 0 0 0 0 x x 0 0 0 x 0 0 0 ? x 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x 0 0 0 x 0 0 0 0 ? x x 0 0 0 0 x 0 0 ? 0 x 0 0 0 0 x 0 0 x x 0 0 x 0 x 0 0 0 0 0 x 0 0 x 0 0 x x 0 x 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 x 0 x x 0 x x x x 0 0 0 0 0 0 ? 0 x 0 0 x x x 0 x x 0 x x x 1 x 0 0 x x 0 0 0 0 0 0 0 x 0 0 0 x 0 x 0 0 0 0 0 0 0 0 x 0 0 x 0 0 x x 0 0 0 0 x x 0 0 x x x x 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 x 0 0 x 0 0 x 0 x x x x x x 0 0 x 0 x 0 x x x 0 x x 0 x 0 x x ? x x 0 0 0 0 0 0 0 x x 0 0 x 0 x x 0 x ? 0 0 0 0 0 0 1 0 0 x 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x x 0 x x 0 x 0 x 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 x x 0 0 x x x 0 ? 0 0 x 0 x x x 0 x 0 x ? x x 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 x x 0 0 0 0 x x x x 0 x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 x 0 ? 0 0 x x x x x x 0 0 0 x 0 x 1 0 0 x 0 0 0 x ? 0 0 x x 0 x 0 0 0 x x 0 x x 0 0 0 x 0 x 0 0 x 0 0 0 x x 0 x 0 0 x 0 0 0 0 ? x x x x x x 0 0 x 0 0 0 0 x ? x 0 0 0 0 0 0 0 x 0 0 x x x 0 x ? x 0 x 0 x 0 0 0 0 0 0 x x x 0 x 0 x x 0 0 0 x x x 0 0 x x 0 x 0 x 0 0 0 0 0 1 ? x 0 x ? x x 0 x x 0 x x 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x ? 0 0 0 0 x 0 0 0 x 0 x 0 x 1 x 0 0 0 x x x x 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 x x 0 x x x x 0 0 0 0 0 0 0 x x ? 0 0 0 x 0 0 x 0 0 x 0 0 0 x 0 x x x x 0 x x 0 0 x 0 x 0 x 0 0 x x 0 0 0 x x x x 0 0 0 0 x 0 0 x 0 0 ? 0 0 0 0 x 0 x 0 0 0 0 0 x 0 x x 0 0 0 0 0 0 x x 0 x 0 0 0 0 x x ? x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 x 0 x 0 0 ? 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 x 0 0 ? 0 ? 0 0 0 x 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x x 0 x x x x x x x 0 x 0 x 0 0 0 x x x x x 1 x 0 0 0 1 0 0 0 0 x 0 0 0 0 x ? x x x x 0 x 0 0 x 0 0 x x 0 0 0 0 0 x x x 0 0 x 0 x x 0 x 0 0 x x 0 0 0 x x x 0 0 x 0 x x 0 0 0 0 x 0 x 0 0 0 1 0 0 x 0 0 0 0 0 x 0 0 0 0 0 0 0 x x x 0 0 0 x 0 1 x 0 x 0 0 0 0 x x x x 0 0 x 0 0 1 0 0 1 0 x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 x 0 0 0 x 0 x 0 0 0 0 0 x x 0 x x x 0 x x 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 0 x 0 0 0 0 x 0 x 0 x 1 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 x 0 0 ? 0 0 0 0 0 ? x 0 x 0 x x 0 x x 0 x x x 0 0 0 0 0 0 x x 0 x 0 0 x x 0 x x x x 0 0 x 0 0 x x x x 0 0 0 0 x ? x x x 0 0 0 0 x 0 0 x x 0 x 0 0 x x x 0 0 0 0 0 0 0 x 0 0 x 0 0 x 0 x 0 0 0 x x x 0 0 0 0 0 0 x 0 x 0 0 x x 0 x 0 x x x 0 0 0 0 ? ? 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x x 0 x 0 0 0 0 x 0 0 0 0 x x x x 0 1 1 0 0 0 0 x x x 0 x 0 0 x x ? x x x x 0 x x x 0 x x x 0 0 0 0 0 0 0 0 x x x x 0 0 0 0 x 0 0 x x x 0 0 0 x x 0 0 0 0 0 0 0 ? x 0 0 0 0 0 0 x x x 1 0 0 0 x x 0 x x 0 x 0 0 0 x 0 0 x 0 1 0 0 0 0 x 0 x 0 0 0 x x x 0 x 0 x 0 x x 0 x x x 0 x 0 0 x x 0 0 0 0 x 0 0 x x x x x 0 x 0 0 0 x x 0 0 ? 0 0 x x 0 x 0 0 x x 0 0 0 0 x x x x 0 0 0 x x x 0 x x 0 0 x 0 x 0 0 x x x x x 0 x x 0 x 0 0 x ? x x x x x x x x x x x x 0 0 0 x x x x 0 0 ? 0 x 0 0 0 0 x x 0 0 0 x 0 x 0 0 x 0 x x 0 x 0 0 0 0 ? 0 0 0 0 0 0 x 0 0 0 x 0 x x x x x 0 x x x 0 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 x x 0 0 0 x x 1 0 0 0 x 0 ? 0 0 0 x x 1 x 0 0 0 x 0 0 0 x 0 0 x 2 0 0 x 0 0 0 x 0 0 0 x 0 x x x 0 0 0 0 0 0 0 x 0 0 0 x x 0 x x 0 0 0 x x 0 x 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 ? x 0 0 0 x x 0 x 0 0 0 0 0 x 0 x x 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 x 0 x x 0 0 0 0 0 x x 1 x 0 0 0 0 0 0 0 x x x x 0 x x 0 0 x 0 0 0 0 0 0 0 0 x x x x x x x x 0 x 0 0 x x x x 1 0 0 x 0 0 0 0 x x 0 x 0 0 0 x 0 0 1 x 0 0 0 x 0 x 0 x x x x 0 0 x 0 x 0 0 x x 0 0 0 x x 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 x x 0 x 0 0 0 x 0 x 0 0 x x 0 x 0 x 0 x 0 0 0 x 0 0 0 x 0 0 ? 0 0 0 0 0 0 0 x 0 x 0 0 x 0 0 x x x x x 0 0 0 x x 0 0 0 0 0 x 0 0 0 x 0 x 0 x x 0 0 ? x x 0 0 x x 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 ? x 0 0 x x x x 0 0 0 x 0 x 0 0 0 x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 0 0 0 0 0 x 0 0 0 x 0 x 0 x 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Mimikatz.CO

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Backdoor.Mimikatz.CO

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Windows API Usage

Windows API Usage

Submit Comment

Trending

Thewebtimes.net

PUP.KISS Keylogger

'866-291-9960' Pop-Ups

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen