Home / malware HackTool:Win32/PWDump.A
First posted on 15 February 2019.
Source: MicrosoftAliases :
There are no other names known for HackTool:Win32/PWDump.A.
Explanation :
HackTool:Win32/PWDump.A is a tool used to obtain password hashes from Windows NT and 2000 machines. The tool is installed as a service, usually named pwservice.exe. It utilizes the files pwdump3.exe and lsaext.dll, and is designed to remotely obtain password hashes from the memory of the target machine. Note: The tool requires administrator privileges on the targeted machine in order to be effective. Analysis by Matt McCormack
Last update 15 February 2019
