Home > List all groups > List all tools > List all groups using tool Mimikatz

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Mimikatz

Names	Mimikatz
Category	Tools
Type	Credential stealer, Keylogger
Description	(SANS) Mimikatz provides a wealth of tools for collecting and making use of Windows credentials on target systems, including retrieval of cleartext passwords, Lan Manager hashes, and NTLM hashes, certificates, and Kerberos tickets. The tools run with varying success on all versions of Windows from XP forward, with functionality somewhat limited in Windows 8.1 and later.
Information	<https://github.com/gentilkiwi/mimikatz> <https://www.sans.org/reading-room/whitepapers/intrusion/mimikatz-overview-defenses-detection-36780> <https://www.wired.com/story/how-mimikatz-became-go-to-hacker-tool/> <https://www.crowdstrike.com/blog/credential-theft-mimikatz-techniques/>
MITRE ATT&CK	<https://attack.mitre.org/software/S0002/>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/win.mimikatz>
AlienVault OTX	<https://otx.alienvault.com/browse/pulses?q=tag:mimikatz>

Last change to this tool card: 14 May 2020

Download this tool card in JSON format

All groups using tool Mimikatz

Changed	Name	Country	Observed
APT groups
	ALPHV, BlackCat Gang	[Unknown]	2021-Mar 2024
	↳ Subgroup: Scattered Spider	[Unknown]	2022-Aug 2025
	APT 20, Violin Panda		2014-2017
	APT 29, Cozy Bear, The Dukes		2008-Feb 2025
	APT 32, OceanLotus, SeaLotus		2013-Aug 2024
	APT 33, Elfin, Magnallium		2013-Apr 2024
	APT 41		2012-Jul 2025
	AVIVORE		2015
	Boss Spider, Gold Lowell		2015-Nov 2018
	Bronze Butler, Tick, RedBaldNight, Stalker Panda		2006-Apr 2021
	Calypso		2016-Aug 2021
	Carbanak, Anunak		2013-Apr 2023
	Chafer, APT 39		2014-Sep 2020
	Cobalt Group		2016-Oct 2019
	Comment Crew, APT 1		2006-May 2018
	Dalbit		2022
	DarkHydrus, LazyMeerkat		2016-Jan 2019
	Earth Lusca		2019-Sep 2024
	Emissary Panda, APT 27, LuckyMouse, Bronze Union		2010-Aug 2023
	FIN6, Skeleton Spider	[Unknown]	2015-Oct 2021
	FIN7		2013-Jul 2024
	Flax Typhoon		2021-Nov 2023
	Gallium		2018-Jun 2022
	Grayling	[Unknown]	2023
	Hurricane Panda		2013-Mar 2014
	IAmTheKing		2018
	Indrik Spider		2007-Oct 2024
	Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon		2010-Oct 2024
	Kimsuky, Velvet Chollima		2012-Aug 2025
	Lazarus Group, Hidden Cobra, Labyrinth Chollima		2007-May 2025
	Leafminer, Raspite		2017
	LockBit Gang	[Unknown]	2019-May 2025
	Lotus Blossom, Spring Dragon, Thrip		2012-Aug 2024
	Magic Hound, APT 35, Cobalt Illusion, Charming Kitten		2012-Jun 2025
	Mallard Spider	[Unknown]	2008-Dec 2020
	Mikroceen		2017-Mar 2021
	MuddyWater, Seedworm, TEMP.Zagros, Static Kitten		2017-Jul 2025
	Mustang Panda, Bronze President		2012-Jun 2025
	OilRig, APT 34, Helix Kitten, Chrysene		2014-Sep 2024
	Operation Digital Eye		2024
	Operation Diplomatic Specter		2022
	Operation Harvest		2016
	Operation SignSight	[Unknown]	2020
	Operation SLOW#TEMPEST		2024
	Operation Tainted Love		2023
	PittyTiger, Pitty Panda		2011-2014
	Salt Typhoon, GhostEmperor		2020-Feb 2025
	Sofacy, APT 28, Fancy Bear, Sednit		2004-Apr 2025
	Stone Panda, APT 10, menuPass		2006-Mar 2025
	TA2101, Maze Team	[Unknown]	2019-Feb 2024
	TaskMasters		2010-May 2021
	TEMP.Veles		2014-Mar 2022
	Tonto Team, HartBeat, Karma Panda		2009-Apr 2023
	Traveling Spider	[Unknown]	2019-Mar 2021
	Turla, Waterbug, Venomous Bear		1996-2024
	UNC215		2019
	UNC2447	[Unknown]	2020
	Wassonite		2018-Oct 2019
	Whitefly, Mofang	[Unknown]	2012-Jul 2018
	Worok		2020
Other groups
	Karakurt	[Unknown]	2021-Sep 2022
	Parinacota	[Unknown]	2018

62 groups listed (60 APT, 2 other, 0 unknown)

↑

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Mimikatz

All groups using tool Mimikatz

APT groups

Other groups

Follow us on

Report incidents