gsecdump

MITRE

Malware Type:
Tool

First seen:
Unknown

Last seen:
Unknown

Details:

[gsecdump](https://attack.mitre.org/software/S0008) is a publicly-available credential dumper used to obtain password hashes and LSA secrets from Windows operating systems. (Citation: TrueSec Gsecdump)

Associated Techniques (2)

ID	ATT&CK	Tactics
T1003.002	Security Account Manager	-
T1003.004	LSA Secrets	-

Used by Actors (5)

APT1
Nation-state

BRONZE BUTLER
Unknown

PittyTiger
Unknown

Threat Group-3390
Unknown

Tonto Team
Nation-state

Metadata

ID:	756
Created:	13/01/2026 17:48
Updated:	23/04/2026 04:00