Skip to content

S0179 MimiPenguin

MimiPenguin is a credential dumper, similar to Mimikatz, designed specifically for Linux platforms. 1

Item Value
ID S0179
Associated Names
Type TOOL
Version 1.2
Created 16 January 2018
Last Modified 15 October 2021
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
enterprise T1003 OS Credential Dumping -
enterprise T1003.007 Proc Filesystem MimiPenguin can dump process memory and extract clear-text credentials.1

Groups That Use This Software

ID Name References
G0139 TeamTNT 2

References

  1. Gregal, H. (2017, May 12). MimiPenguin. Retrieved December 5, 2017. 

  2. Quist, N. (2020, October 5). Black-T: New Cryptojacking Variant from TeamTNT. Retrieved September 22, 2021. 

Back to top