Windows Credential Editor is a password dumping tool. [1]
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1003 | .001 | OS Credential Dumping: LSASS Memory |
Windows Credential Editor can dump credentials.[1] |
ID | Name | References |
---|---|---|
G0060 | BRONZE BUTLER | |
G0037 | FIN6 | |
G0053 | FIN5 | |
G0027 | Threat Group-3390 | |
G0087 | APT39 | |
G0065 | Leviathan | |
G0093 | GALLIUM |