GetUserSPNS.vbs
Description
(Mandiant) In three FIN13 investigations, the threat actors employed a variant of the GetUserSPNS.vbs script to identify user accounts associated with a Service Principal Name that could be targeted for an attack known as “Kerberoasting” to crack the users’ passwords.
Names
| Name |
|---|
| GetUserSPNS.vbs |
Category
Malware
Type
- Info stealer
Information
Other Information
Uuid
e47fe86d-3a93-4f99-8230-5a291ae1472e
Last Card Change
2021-12-26