Skip to content

Hide Navigation Hide TOC

Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc)

A user requested active directory credentials, such as a ticket or token (ex: Windows EID 4769)

Cluster A Galaxy A Cluster B Galaxy B Level
Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component Kerberoasting - T1558.003 (f2877f7f-9a4c-4251-879f-1224e3006bee) Attack Pattern 1
Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 1
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) Attack Pattern Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component 1
Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component AS-REP Roasting - T1558.004 (3986e7fd-a8e9-4ecb-bfc6-55920855912b) Attack Pattern 1
Pass the Ticket - T1550.003 (7b211ac6-c815-4189-93a9-ab415deca926) Attack Pattern Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component 1
Steal or Forge Authentication Certificates - T1649 (7de1f7ac-5d0c-4c9c-8873-627202205331) Attack Pattern Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component 1
Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component Pass the Hash - T1550.002 (e624264c-033a-424d-9fd7-fc9c3bbdb03e) Attack Pattern 1
Active Directory Credential Request (02d090b6-8157-48da-98a2-517f7edd49fc) mitre-data-component Golden Ticket - T1558.001 (768dce68-8d0d-477a-b01d-0eea98b963a1) Attack Pattern 1
Kerberoasting - T1558.003 (f2877f7f-9a4c-4251-879f-1224e3006bee) Attack Pattern Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 2
AS-REP Roasting - T1558.004 (3986e7fd-a8e9-4ecb-bfc6-55920855912b) Attack Pattern Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 2
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) Attack Pattern Pass the Ticket - T1550.003 (7b211ac6-c815-4189-93a9-ab415deca926) Attack Pattern 2
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) Attack Pattern Pass the Hash - T1550.002 (e624264c-033a-424d-9fd7-fc9c3bbdb03e) Attack Pattern 2
Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern Golden Ticket - T1558.001 (768dce68-8d0d-477a-b01d-0eea98b963a1) Attack Pattern 2