Class: HackTool
HackTool programs are used to create new users in the list of permitted system visitors, and to delete information from system logs in order to hide the malicious user’s presence on the system. These programs are also used to analyze and collect network packets to carry out specific malicious actions. Malicious users employ HackTool programs when setting up attacks on local or remote computers.
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. It is one of the most widespread programming platforms in the world.
Family: HackTool.Win32.PWDump.cp
No family description
Examples
353D53547FE28A3ED28726BCFAAB3E77BF0BFF0DA1708318491E8564BA0B3FCC
A01DF6B3B09BF4E4EE2BD589818B8A79
D5815A6BB849E5B74418E6551F36744D
3B7B264DF46E719D583642BAB31829DD
Tactics and Techniques: Mitre*
Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Several of the tools mentioned in associated sub-techniques may be used by both adversaries and professional security testers. Additional custom tools likely exist as well.
* © 2024 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.