Win64/Riskware.Mimikatz.AA malicious file

The Win64/Riskware.Mimikatz.AA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win64/Riskware.Mimikatz.AA virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
CAPE detected the mimikatz malware family

How to determine Win64/Riskware.Mimikatz.AA?


File Info:
name: EAC4F604A8E94B37E1B9.mlw
path: /opt/CAPEv2/storage/binaries/61b01cd714e78840277e089fa883d70e8080ee5a0e988217851956c8fe4576da
crc32: 4E3962F4
md5: eac4f604a8e94b37e1b9a1534c44eef9
sha1: 46fe0527ce837ec7227bcd8bf4e5a5a3359052b5
sha256: 61b01cd714e78840277e089fa883d70e8080ee5a0e988217851956c8fe4576da
sha512: 28ae6b49dc11329085a090a3aac81ad42b53211708cf4c9598699c420eb41b879405dcaef947cc24aee33ae74653f13a44251447100a47200720dd78d5ff7b13
ssdeep: 6144:ORfqf/QrCLAGhKWDL0fIXDLtlsUIOSEcE0E08ZiJ5qtz:ORSfF8LWtXftmXOSEWE0gz
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T179940957F3F610E8E8FAD1348A67B53BF97278554134D70B87589A274F22B20AE2DB10
sha3_384: cb7bd4bd7093d1d2dfad57159dcbe6ef91422413ee5a9f672c543f022709f1c64f5158b5bfdfe8e371c78cbdd9d3d51d
ep_bytes: 4883ec28e85b0200004883c428e972fe
timestamp: 2021-11-08 08:35:13

Version Info:
0: [No Data]

Win64/Riskware.Mimikatz.AA also known as:

Lionic	Trojan.Win64.Mimikatz.i!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.Mimikatz.1
FireEye	Generic.mg.eac4f604a8e94b37
ALYac	Gen:Heur.Mimikatz.1
Cylance	Unsafe
K7AntiVirus	Trojan ( 005270b91 )
K7GW	Trojan ( 005270b91 )
Cybereason	malicious.4a8e94
ESET-NOD32	a variant of Win64/Riskware.Mimikatz.AA
ClamAV	Win.Trojan.Mimikatz-6466236-0
Kaspersky	HEUR:Trojan-PSW.Win64.Mimikatz.gen
BitDefender	Gen:Heur.Mimikatz.1
Avast	Win64:Malware-gen
Tencent	Win64.Trojan-qqpass.Qqrob.Anpk
Ad-Aware	Gen:Heur.Mimikatz.1
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win64.Injector.gm
Emsisoft	Gen:Heur.Mimikatz.1 (B)
Ikarus	PUA.Mimikatz
GData	Gen:Heur.Mimikatz.1
Gridinsoft	Ransom.Win64.Sabsik.sa
ViRobot	Trojan.Win32.Z.Mimikatz.447488
Microsoft	Program:Win32/Wacapew.C!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!EAC4F604A8E9
MAX	malware (ai score=85)
Malwarebytes	HackTool.Mimikatz
TrendMicro-HouseCall	TROJ_GEN.R002H0CLB21
SentinelOne	Static AI – Malicious PE
Fortinet	Riskware/Mimikatz
AVG	Win64:Malware-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Win64/Riskware.Mimikatz.AA?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win64/Riskware.Mimikatz.AA malicious file

Gridinsoft Anti-Malware

How to determine Win64/Riskware.Mimikatz.AA?

File Info:

Version Info:

Win64/Riskware.Mimikatz.AA also known as:

How to remove Win64/Riskware.Mimikatz.AA?

About the author

Paul Valéry

Leave a Comment X

Gridinsoft Anti-Malware

How to determine Win64/Riskware.Mimikatz.AA?

File Info:

Version Info:

Win64/Riskware.Mimikatz.AA also known as:

How to remove Win64/Riskware.Mimikatz.AA?

You may also like

About the author

Paul Valéry

Leave a Comment X