Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Compromise Application Executable - T1577 (d3bc5020-f6a2-41c0-8ccb-5e563101b60c) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Application Versioning - T1661 (28fdd23d-aee3-4afe-bc3f-5f1f52929258) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Endpoint Denial of Service - T1642 (eb6cf439-1bcb-4d10-bc68-1eed844ed7b3) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Adversary-in-the-Middle - T1638 (08e22979-d320-48ed-8711-e7bf94aabb13) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Process Discovery - T1424 (1b51f5bc-b97a-498a-8dbd-bc6b1901bf19) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Clipboard Data - T1414 (c4b96c0b-cb58-497a-a1c2-bb447d79d692) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
File and Directory Discovery - T1420 (cf28ca46-1fd3-46b4-b1f6-ec0b72361848) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
Replication Through Removable Media - T1458 (667e5707-3843-4da8-bd34-88b922526f0d) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) |
Attack Pattern |
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) |
Course of Action |
1 |
URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) |
Attack Pattern |
Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) |
Attack Pattern |
2 |
Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) |
Attack Pattern |
Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) |
Attack Pattern |
2 |
Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) |
Attack Pattern |
Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) |
Attack Pattern |
2 |
Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) |
Attack Pattern |
Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) |
Attack Pattern |
2 |
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) |
Attack Pattern |
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) |
Attack Pattern |
2 |
Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) |
Attack Pattern |
Abuse Elevation Control Mechanism - T1626 (08ea902d-ecb5-47ed-a453-2798057bb2d3) |
Attack Pattern |
2 |
Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) |
Attack Pattern |
Hide Artifacts - T1628 (fc53309d-ebd5-4573-9242-57024ebdad4f) |
Attack Pattern |
2 |
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) |
Attack Pattern |
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) |
Attack Pattern |
2 |
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) |
Attack Pattern |
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) |
Attack Pattern |
2 |
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) |
Attack Pattern |
Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) |
Attack Pattern |
2 |
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) |
Attack Pattern |
Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) |
Attack Pattern |
2 |
Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) |
Attack Pattern |
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) |
Attack Pattern |
2 |