How to remove mimidrv.sys

» File
File Details
Overview
Analysis

mimidrv.sys

The module mimidrv.sys has been detected as Hack.Mimikatz

mimidrv.sys

Remove mimidrv.sys

File Details

Main Info:

Product Name:	mimidrv (mimikatz)
Company Name:	gentilkiwi (Benjamin DELPY)
MD5:	a33089d4e50f7d2ea8b52ca95d26ebf3
Size:	30 KB
First Published:	2018-09-05 03:16:57 (5 years ago)
Latest Published:	2020-11-25 23:24:59 (3 years ago)

Analysis:

Status:	Hack.Mimikatz (on last analysis)
Analysis Date:	2020-11-25 23:24:59 (3 years ago)

Overview

Digital Signature

Signed By:	Open Source Developer, Benjamin Delpy
Status:	Valid

Common Places:

%desktop%\aaaaaa\m

%sysdrive%\$recycle.bin\s-1-5-21-4002530241-252803949-4081733239-1001\$r0x0u0a

%sysdrive%\$recycle.bin\s-1-5-21-4002530241-252803949-4081733239-1001\$ruk6czp

%sysdrive%\bcert 19-02\encryption exercise\mimikatz_trunk.zip

Geography:

	50.0%
	25.0%
	25.0%

OS Version:

Windows 8.1	50.0%
Windows Server 2012 R2	25.0%
Windows 10	25.0%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	32
Image Base:	0x00010000
Entry Address:	0x0000703e

PE Sections:

Name	Size of data	MD5
.text	9216	b5c345b3591f498b437dd5cc95f2a195
.rdata	4096	be5b1a94c3bab889f7278f07aa145e65
.data	4096	3db5b2d9bf6256cf31d9f7b01c884ab5
PAGE	1024	73258624709dc2a6d98bbe1d6ac0a2b8
INIT	1536	fcfb613c49da8e0ee7b1756154fd1279
.rsrc	1536	086183836d310c89a96baed75a628663
.reloc	1536	ce408d0dcc9aa87104d1b01177530fbf

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for mimidrv.sys

copyright for information about mimidrv.sys