!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
VWATAUAVH
A^A]A\_^
LcA<E3
EP=csm
Ep=csm
E`=csm
E(=csm
E@=csm
EX=csm
Ex=csm
```hhh
xppwpp
OpenProcessToken
CreateProcessAsUserW
SetTokenInformation
DuplicateTokenEx
ADVAPI32.dll
CreateEnvironmentBlock
DestroyEnvironmentBlock
USERENV.dll
WinStationEnumerateW
WinStationFreeMemory
WINSTA.dll
GetCurrentProcess
SetLastError
CloseHandle
KERNEL32.dll
msvcrt.dll
memset
__C_specific_handler
_XcptFilter
malloc
_initterm
_amsg_exit
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
mimispool.dll
DrvDisableDriver
DrvEnableDriver
DrvQueryDriverInfo
DrvResetConfigCache
GenerateCopyFilePaths
SpoolerCopyFileEvent
Greater Manchester1
Salford1
Comodo CA Limited1!0
AAA Certificate Services0
210525000000Z
281231235959Z0V1
Sectigo Limited1-0+
$Sectigo Public Code Signing Root R460
H/(@Bp 6
2http://crl.comodoca.com/AAACertificateServices.crl04
http://ocsp.comodoca.com0
Sectigo Limited1-0+
$Sectigo Public Code Signing Root R460
210322000000Z
360321235959Z0T1
Sectigo Limited1+0)
"Sectigo Public Code Signing CA R360
FFlCx@
H/(@Bp 6
:http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0{
:http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
http://ocsp.sectigo.com0
ts7!:o
n0PPd}
Sectigo Limited1+0)
"Sectigo Public Code Signing CA R360
240604000000Z
250604235959Z0b1
Illinois1 0
McDonald's Corporation1 0
McDonald's Corporation0
D@\[2{
a1{0zYZ
https://sectigo.com/CPS0
8http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
8http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
http://ocsp.sectigo.com0
\mmYL3
Sectigo Limited1+0)
"Sectigo Public Code Signing CA R36
$>T51v
|1g3\P
9{y=&aIa
H(%|a
20250407023529Z
Manchester1
Sectigo Limited100.
'Sectigo Public Time Stamping Signer R35
Sectigo Limited1,0*
#Sectigo Public Time Stamping CA R360
240115000000Z
350414235959Z0n1
Manchester1
Sectigo Limited100.
'Sectigo Public Time Stamping Signer R350
x2<C>4C
https://sectigo.com/CPS0
9http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
9http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
http://ocsp.sectigo.com0
% 2Ka~
Sectigo Limited1.0,
%Sectigo Public Time Stamping Root R460
210322000000Z
360321235959Z0U1
Sectigo Limited1,0*
#Sectigo Public Time Stamping CA R360
;http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0|
;http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
http://ocsp.sectigo.com0
%59)$J+
G{JVHa
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
210322000000Z
380118235959Z0W1
Sectigo Limited1.0,
%Sectigo Public Time Stamping Root R460
8hm)(od
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl05
http://ocsp.usertrust.com0
avI&Q_
.TPfo:
Sectigo Limited1,0*
#Sectigo Public Time Stamping CA R36
250407023529Z0?
Sectigo Limited1.0,
%Sectigo Public Time Stamping Root R46
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority
cmd.exe
winsta0\default
VS_VERSION_INFO
StringFileInfo
040904b0
ProductName
mimispool (mimikatz)
ProductVersion
2.2.0.0
CompanyName
gentilkiwi (Benjamin DELPY)
FileDescription
mimispool for Windows (mimikatz)
FileVersion
0.3.0.0
InternalName
mimispool
LegalCopyright
Copyright (c) 2007 - 2021 gentilkiwi (Benjamin DELPY)
OriginalFilename
mimispool.dll
PrivateBuild
Build with love for POC only
SpecialBuild
VarFileInfo
Translation