Intrusion Prevention

Post.Exploitation.Credential.Stealer.Mimikatz

Description

This indicates an attempt to use Mimikatz.
Mimikatz is a tool for stealing Windows password and credentials. It can extract plaintexts passwords, hash, PIN code and kerberos tickets from memory.

Affected Products

Any vulnerable Windows systems

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

Recommended Actions

Monitor traffics from that network for any suspicious activity.