Home >
Enterprise >
Participants >
Trend Micro >
Unsecured Credentials: Private Keys (T1552.004)
|
|
See subtechnique results for:
Carbanak+FIN7 |
||
The subtechnique was not in scope. |
APT29 |
||||||||
Step | ATT&CK Pattern |
|
||||||
6.B.1
|
|
Procedure
Exported a local certificate to a PFX file using PowerShell
Criteria
powershell.exe creating a certificate file exported from the system
Footnotes
- The logic used to produce this detection was configured after the start of the evaluation, so it is identified as a Detection Configuration Change.

