Skip to content

S0119 Cachedump

Cachedump is a publicly-available tool that program extracts cached password hashes from a system’s registry. 1

Item Value
ID S0119
Associated Names
Version 1.1
Created 31 May 2017
Last Modified 30 March 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
enterprise T1003 OS Credential Dumping -
enterprise T1003.005 Cached Domain Credentials Cachedump can extract cached password hashes from cache entry information.1

Groups That Use This Software

ID Name References
G0006 APT1 1


Back to top