HOMEFRY

HOMEFRY is a 64-bit Windows password dumper/cracker that has previously been used in conjunction with other Leviathan backdoors. [1]

ID: S0232
Aliases: HOMEFRY
Type: MALWARE
Platforms: Windows

Version: 1.0

Alias Descriptions

| Name | Description |
|---|---|
| HOMEFRY | [1] |

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1059 | Command-Line Interface | HOMEFRY uses a command-line interface.[1] |
| Enterprise | T1003 | Credential Dumping | HOMEFRY can perform credential dumping.[1] |
| Enterprise | T1027 | Obfuscated Files or Information | Some strings in HOMEFRY are obfuscated with XOR x56.[1] |

Groups

Groups that use this software:

Leviathan

References