Robuta

https://attack.mitre.org/techniques/T1574/001/ Hijack Execution Flow: DLL, Sub-technique T1574.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/matrices/enterprise/ Matrix - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/enterprise/ Techniques - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1136/ Create Account, Technique T1136 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1056/004/ Input Capture: Credential API Hooking, Sub-technique T1056.004 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1070/009/ Indicator Removal: Clear Persistence, Sub-technique T1070.009 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1218/003/ System Binary Proxy Execution: CMSTP, Sub-technique T1218.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1588/007/ Obtain Capabilities: Artificial Intelligence, Sub-technique T1588.007 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1102/001/ Web Service: Dead Drop Resolver, Sub-technique T1102.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1564/ Hide Artifacts, Technique T1564 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1057/ Process Discovery, Technique T1057 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1199/ Trusted Relationship, Technique T1199 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1218/011/ System Binary Proxy Execution: Rundll32, Sub-technique T1218.011 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1059/006/ Command and Scripting Interpreter: Python, Sub-technique T1059.006 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1686/ Disable or Modify System Firewall, Technique T1686 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1583/001/ Acquire Infrastructure: Domains, Sub-technique T1583.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1105/ Ingress Tool Transfer, Technique T1105 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1033/ System Owner/User Discovery, Technique T1033 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1132/ Data Encoding, Technique T1132 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1135/ Network Share Discovery, Technique T1135 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1134/ Access Token Manipulation, Technique T1134 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1598/ Phishing for Information, Technique T1598 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1497/ Virtualization/Sandbox Evasion, Technique T1497 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1555/ Credentials from Password Stores, Technique T1555 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1021/ Remote Services, Technique T1021 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1564/004/ Hide Artifacts: NTFS File Attributes, Sub-technique T1564.004 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1546/ Event Triggered Execution, Technique T1546 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/mitigations/M1026/ Privileged Account Management, Mitigation M1026 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/tactics/enterprise/ Tactics - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1685/ Disable or Modify Tools, Technique T1685 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1087/001/ Account Discovery: Local Account, Sub-technique T1087.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1207/ Rogue Domain Controller, Technique T1207 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1202/ Indirect Command Execution, Technique T1202 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1543/001/ Create or Modify System Process: Launch Agent, Sub-technique T1543.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1070/004/ Indicator Removal: File Deletion, Sub-technique T1070.004 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1021/002/ Remote Services: SMB/Windows Admin Shares, Sub-technique T1021.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1090/002/ Proxy: External Proxy, Sub-technique T1090.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1588/002/ Obtain Capabilities: Tool, Sub-technique T1588.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1053/ Scheduled Task/Job, Technique T1053 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1573/001/ Encrypted Channel: Symmetric Cryptography, Sub-technique T1573.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1542/003/ Pre-OS Boot: Bootkit, Sub-technique T1542.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1550/ Use Alternate Authentication Material, Technique T1550 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/mitigations/M1037/ Filter Network Traffic, Mitigation M1037 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1071/003/ Application Layer Protocol: Mail Protocols, Sub-technique T1071.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1056/001/ Input Capture: Keylogging, Sub-technique T1056.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1113/ Screen Capture, Technique T1113 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1210/ Exploitation of Remote Services, Technique T1210 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1046/ Network Service Discovery, Technique T1046 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1595/002/ Active Scanning: Vulnerability Scanning, Sub-technique T1595.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/tactics/TA0002/ Execution, Tactic TA0002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1591/ Gather Victim Org Information, Technique T1591 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1055/004/ Process Injection: Asynchronous Procedure Call, Sub-technique T1055.004 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1001/ Data Obfuscation, Technique T1001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1176/ Software Extensions, Technique T1176 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/versions/v19/techniques/T1218/007/ System Binary Proxy Execution: Msiexec, Sub-technique T1218.007 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1070/006/ Indicator Removal: Timestomp, Sub-technique T1070.006 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1003/006/ OS Credential Dumping: DCSync, Sub-technique T1003.006 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1586/002/ Compromise Accounts: Email Accounts, Sub-technique T1586.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1071/001/ Application Layer Protocol: Web Protocols, Sub-technique T1071.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1041/ Exfiltration Over C2 Channel, Technique T1041 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1596/ Search Open Technical Databases, Technique T1596 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1102/002/ Web Service: Bidirectional Communication, Sub-technique T1102.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1221/ Template Injection, Technique T1221 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1069/002/ Permission Groups Discovery: Domain Groups, Sub-technique T1069.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1120/ Peripheral Device Discovery, Technique T1120 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1505/003/ Server Software Component: Web Shell, Sub-technique T1505.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1571/ Non-Standard Port, Technique T1571 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1074/001/ Data Staged: Local Data Staging, Sub-technique T1074.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/tactics/TA0005/ Stealth, Tactic TA0005 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1110/003/ Brute Force: Password Spraying, Sub-technique T1110.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1036/003/ Masquerading: Rename Legitimate Utilities, Sub-technique T1036.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1204/ User Execution, Technique T1204 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1059/001/ Command and Scripting Interpreter: PowerShell, Sub-technique T1059.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1204/001/ User Execution: Malicious Link, Sub-technique T1204.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1092/ Communication Through Removable Media, Technique T1092 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1112/ Modify Registry, Technique T1112 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1087/ Account Discovery, Technique T1087 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1090/003/ Proxy: Multi-hop Proxy, Sub-technique T1090.003 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/tactics/TA0008/ Lateral Movement, Tactic TA0008 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1201/ Password Policy Discovery, Technique T1201 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1548/ Abuse Elevation Control Mechanism, Technique T1548 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1561/ Disk Wipe, Technique T1561 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1102/ Web Service, Technique T1102 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1039/ Data from Network Shared Drive, Technique T1039 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1083/ File and Directory Discovery, Technique T1083 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1568/ Dynamic Resolution, Technique T1568 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1189/ Drive-by Compromise, Technique T1189 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1547/ Boot or Logon Autostart Execution, Technique T1547 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1007/ System Service Discovery, Technique T1007 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1114/ Email Collection, Technique T1114 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1566/001/ Phishing: Spearphishing Attachment, Sub-technique T1566.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1115/ Clipboard Data, Technique T1115 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1218/004/ System Binary Proxy Execution: InstallUtil, Sub-technique T1218.004 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1573/002/ Encrypted Channel: Asymmetric Cryptography, Sub-technique T1573.002 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1543/ Create or Modify System Process, Technique T1543 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1560/001/ Archive Collected Data: Archive via Utility, Sub-technique T1560.001 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1218/ System Binary Proxy Execution, Technique T1218 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1542/ Pre-OS Boot, Technique T1542 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1137/ Office Application Startup, Technique T1137 - Enterprise | MITRE ATT&CK®
https://attack.mitre.org/techniques/T1218/012/ System Binary Proxy Execution: Verclsid, Sub-technique T1218.012 - Enterprise | MITRE ATT&CK®