Register to stream ATT&CKcon 2.0 October 29-30

Windows Credential Editor

Windows Credential Editor is a password dumping tool. [1]

ID: S0005
Associated Software: WCE
Type: TOOL
Platforms: Windows
Version: 1.0

Techniques Used

Domain ID Name Use
Enterprise T1003 Credential Dumping Windows Credential Editor can dump credentials. [1]

Groups That Use This Software

ID Name References
G0060 BRONZE BUTLER [2] [3]
G0037 FIN6 [4]
G0053 FIN5 [5] [6]
G0027 Threat Group-3390 [7]
G0087 APT39 [8]
G0065 Leviathan [9]