Skip to content

Hide Navigation Hide TOC

PUA - WebBrowserPassView Execution (d0dae994-26c6-4d2d-83b5-b3c8b79ae513)

Detects the execution of WebBrowserPassView.exe. A password recovery tool that reveals the passwords stored by the following Web browsers, Internet Explorer (Version 4.0 - 11.0), Mozilla Firefox (All Versions), Google Chrome, Safari, and Opera

Cluster A Galaxy A Cluster B Galaxy B Level
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern PUA - WebBrowserPassView Execution (d0dae994-26c6-4d2d-83b5-b3c8b79ae513) Sigma-Rules 1
Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern 2