Names | Lslsass | |
Category | Tools | |
Type | Credential stealer | |
Description | Lslsass is a publicly-available tool that can dump active logon session password hashes from the lsass process. | |
Information | <https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0121/> |
Last change to this tool card: 30 December 2022
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Comment Crew, APT 1 | 2006-May 2018 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |