Skip to content

Hide Navigation Hide TOC

Access To Browser Credential Files By Uncommon Application (91cb43db-302a-47e3-b3c8-7ede481e27bf)

Detects file access requests to browser credential stores by uncommon processes. Could indicate potential attempt of credential stealing. Requires heavy baselining before usage

Cluster A Galaxy A Cluster B Galaxy B Level
Access To Browser Credential Files By Uncommon Application (91cb43db-302a-47e3-b3c8-7ede481e27bf) Sigma-Rules OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern 1