Potential Invoke-Mimikatz PowerShell Script (189e3b02-82b2-4b90-9662-411eb64486d4)
Detects the Invoke-Mimikatz PowerShell script and similar scripts. Mimikatz is a credential dumper capable of obtaining plaintext Windows account logins and passwords.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Potential Invoke-Mimikatz PowerShell Script (189e3b02-82b2-4b90-9662-411eb64486d4) | Sigma-Rules | OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) | Attack Pattern | 1 |