Deborah Servili 2019-10-07 14:38:16 +02:00
parent 5355910a8f
commit c27385cfa4
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1


@ -7846,16 +7846,19 @@
"value": "Reductor"
},
{
"value": "ProcDump",
"description": "Legitimate tool - command-line tool used to monitor a running process and dump memory depending on customcriteria. The attackers use this tool to dump the LSASS process to gatherWINDOWScredentials hashes"
"description": "Legitimate tool - command-line tool used to monitor a running process and dump memory depending on customcriteria. The attackers use this tool to dump the LSASS process to gatherWINDOWScredentials hashes",
"uuid": "1ae22855-c343-4ae9-8cab-522c9da938aa",
"value": "ProcDump"
},
{
"value": "CertMig",
"description": "Legitimate tool - command-line tool used to import and export certificates on a machine. The attackers use this toolto gather credentials used for VPN authentication to the clients networks"
"description": "Legitimate tool - command-line tool used to import and export certificates on a machine. The attackers use this toolto gather credentials used for VPN authentication to the clients networks",
"uuid": "fadd0d1f-b098-43ea-b7a6-50fb58aef9f6",
"value": "CertMig"
},
{
"value": "Netscan",
"description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands."
"description": "Legitimate tool - tool used to scan IPv4/IPv6 networks and remotely execute PowerShell commands.",
"uuid": "bbba3a35-5064-4e60-ad4b-0ba16cc81a23",
"value": "Netscan"
}
],
"version": 126
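Review bot: The re-added `description` lines for ProcDump and CertMig still carry run-together words (`customcriteria`, `gatherWINDOWScredentials`, `toolto`), so an analyst searching the cluster for "Windows credentials" or "custom criteria" will not match these entries. Since the commit rewrites these lines anyway, the strings could read `depending on custom criteria`, `to gather Windows credentials hashes` and `use this tool to gather credentials`. Separately, `"version": 126` appears as unchanged context at the end of the hunk. If consumers decide whether to re-import the cluster from that field, the new `uuid` values may not be picked up without a bump, which is worth confirming against the parent commit.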