Třída: Trojan-PSW
Programy Trojan-PSW jsou navrženy tak, aby ukradly informace o uživatelských účtech, jako jsou přihlašovací údaje a hesla z infikovaných počítačů. PSW je zkratka pro Password Stealing Ware.Při spuštění PSW trojan hledá systémové soubory, které ukládají řadu důvěrných dat nebo registru. Pokud je tato data nalezena, Trojan pošle zprávu "master". E-mail, FTP, web (včetně dat v žádosti) nebo jiné metody mohou být použity k přepravě ukradených dat.
Některé takové trojské koně také ukradnou registrační informace pro určité softwarové programy.
Platfoma: Win64
Win64 je platforma v operačních systémech Windows pro provádění 32- / 64bitových aplikací. Programy Win64 nelze spustit v 32bitových verzích systému Windows.Family: Trojan-PSW.Win64.BroPass
No family descriptionExamples
1C68BE45821C555FE4098E91555B65DFTactics and Techniques: Mitre*
TA0006
Credential Access
The adversary is trying to steal account names and passwords. Credential Access consists of techniques for stealing credentials like account names and passwords. Techniques used to get credentials include keylogging or credential dumping. Using legitimate credentials can give adversaries access to systems, make them harder to detect, and provide the opportunity to create more accounts to help achieve their goals.
T1539
Steal Web Session Cookie
An adversary may steal web application or service session cookies and use them to gain access to web applications or Internet services as an authenticated user without needing credentials. Web applications and services often use session cookies as an authentication token after a user has authenticated to a website.
TA0007
Discovery
The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what's around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1217
Browser Information Discovery
Adversaries may enumerate information about browsers to learn more about compromised environments. Data saved by browsers (such as bookmarks, accounts, and browsing history) may reveal a variety of personal information about users (e.g., banking sites, relationships/interests, social media, etc.) as well as details about internal network resources such as servers, tools/dashboards, or other related infrastructure.
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.