HackTool:Win32/Gsecdump


First posted on 04 November 2010.
Source: SecurityHome

Aliases:

HackTool:Win32/Gsecdump is also known as HackTool.FFC (AVG), HackTool.Win32.Agent.ym (Kaspersky), HTool-GSECDump (McAfee), W32/Hacktool.AY (Norman), Trojan.Moo (Symantec), HKTL_AGENT (Trend Micro).

Explanation:

HackTool:Win32/Gsecdump is a command-line tool that dumps the Windows SAM database, cached domain credentials, LSA details and active logon sessions. It may be used in conjunction with malware or other penetration testing tools to circumvent the Windows authentication system.

Analysis by Vincent Tiu

Last update 04 November 2010

 
