Browser Fingerprint - T1036.012 (afac5dbc-4383-4fb6-9ba6-45b25d49e530)
Adversaries may attempt to blend in with legitimate traffic by spoofing browser and system attributes like operating system, system language, platform, user-agent string, resolution, time zone, etc. The HTTP User-Agent request header is a string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.(Citation: Mozilla User Agent)
Adversaries may gather this information through System Information Discovery or by users navigating to adversary-controlled websites, and then use that information to craft their web traffic to evade defenses.(Citation: Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques)
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) | Attack Pattern | Browser Fingerprint - T1036.012 (afac5dbc-4383-4fb6-9ba6-45b25d49e530) | Attack Pattern | 1 |