ioc[.]one - OSINT Cyber Threat Intelligence Database

Diving into Pre-Created Computer Accounts - TrustedSec

Tags

attack-pattern:

Data Dns - T1071.004 Dns - T1590.002 Server - T1583.004 Server - T1584.004 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	e3f379f8-9d20-40ea-a571-1e72590c8843
Fingerprint	e71053990de02ee4
Analysis status	DONE
Considered CTI value	0
Text language
Published	May 10, 2022, 12:45 p.m.
Added to db	Jan. 18, 2023, 11:51 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Diving into Pre-Created Computer Accounts
Title	Diving into Pre-Created Computer Accounts - TrustedSec
Detected Hints/Tags/Attributes	40/1/17

Source URLs

	Redirection	Url
Details	Source	https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/

URL Provider

Details	Provider	Source level domain
Details	trustedsec.com	www.trustedsec.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	105		web.archive.org
Details	Domain	128		support.microsoft.com
Details	Domain	5		smbclient.py
Details	Domain	1		rpcchangepwd.py
Details	Domain	1		valhall.int
Details	Domain	1		dc01.valhall.int
Details	Domain	6		gettgt.py
Details	File	5		smbclient.py
Details	File	1		draft-ietf-cat-kerb-chg-password-02.txt
Details	File	1		draft-ietf-cat-kerberos-set-passwd-00.txt
Details	File	1		rpcchangepwd.py
Details	File	1		aclprocessor.cs
Details	File	5		gettgt.py
Details	Github username	10		bloodhoundad
Details	sha1	1		3d2ccd14f36b7fe2be94bcf7f265582dcde49a16
Details	Url	1		https://web.archive.org/web/20080205233505/http://support.microsoft.com/kb/320187.
Details	Url	1		https://github.com/bloodhoundad/sharphoundcommon/blob/3d2ccd14f36b7fe2be94bcf7f265582dcde49a16/src/commonlib/processors/aclprocessor.cs#l273