Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Component Firmware - T1542.002 (791481f8-e96a-41be-b089-a088763083d4) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Bootkit - T1542.003 (1b7b1806-7746-41a1-a35d-e48dae25ddba) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
ROMMONkit - T1542.004 (a6557c75-798f-42e4-be70-ab4502e0a3bc) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Web Portal Capture - T1056.003 (69e5226d-05dc-4f15-95d7-44f5ed78d06e) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Run Virtual Instance - T1564.006 (b5327dd1-6bf9-4785-a199-25bcbd1f4a9d) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Exploitation for Credential Access - T1212 (9c306d8d-cde7-4b4c-b6e8-d0bb16caca36) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
System Firmware - T1542.001 (16ab6452-c3c1-497c-a47d-206018ca1ada) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Software Deployment Tools - T1072 (92a78814-b191-47ca-909c-1ccfe3777414) |
Attack Pattern |
1 |
LSASS Driver - T1547.008 (f0589bc3-a6ae-425a-a3d5-5659bfee07f4) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Compromise Software Dependencies and Development Tools - T1195.001 (191cc6af-1bb2-4344-ab5f-28e496638720) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Compromise Host Software Binary - T1554 (960c3c86-1480-4d72-b4e0-8c242e84a5c5) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Executable Installer File Permissions Weakness - T1574.005 (70d81154-b187-45f9-8ec5-295d01255979) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
MSBuild - T1127.001 (c92e3d68-2349-49e4-a341-7edca2deff96) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Compromise Software Supply Chain - T1195.002 (bd369cd9-abb8-41ce-b5bb-fff23ee86c00) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
MMC - T1218.014 (ffbcfdb0-de22-4106-9ed3-fc23c8a01407) |
Attack Pattern |
1 |
Application Shimming - T1546.011 (42fe883a-21ea-4cfb-b94a-78b6476dcc83) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Services File Permissions Weakness - T1574.010 (9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Rootkit - T1014 (0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b) |
Attack Pattern |
1 |
SQL Stored Procedures - T1505.001 (f9e9365a-9ca2-4d9c-8e7c-050d73d1101a) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
Browser Extensions - T1176 (389735f1-f21c-4208-b8f0-f8031e7169b8) |
Attack Pattern |
1 |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
IIS Components - T1505.004 (b46a801b-fd98-491c-a25a-bca25d6e3001) |
Attack Pattern |
1 |
Time Based Evasion - T1497.003 (4bed873f-0b7d-41d4-b93a-b6905d1f90b0) |
Attack Pattern |
Restore Software (29d77727-12e5-5922-9d2d-70681803d686) |
MITRE D3FEND |
1 |
Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) |
Attack Pattern |
Office Application Startup - T1137 (2c4d4e92-0ccf-4a97-b54c-86d662988a53) |
Attack Pattern |
2 |
Component Firmware - T1542.002 (791481f8-e96a-41be-b089-a088763083d4) |
Attack Pattern |
Pre-OS Boot - T1542 (7f0ca133-88c4-40c6-a62f-b3083a7fbc2e) |
Attack Pattern |
2 |
Pre-OS Boot - T1542 (7f0ca133-88c4-40c6-a62f-b3083a7fbc2e) |
Attack Pattern |
Bootkit - T1542.003 (1b7b1806-7746-41a1-a35d-e48dae25ddba) |
Attack Pattern |
2 |
ROMMONkit - T1542.004 (a6557c75-798f-42e4-be70-ab4502e0a3bc) |
Attack Pattern |
Pre-OS Boot - T1542 (7f0ca133-88c4-40c6-a62f-b3083a7fbc2e) |
Attack Pattern |
2 |
Web Portal Capture - T1056.003 (69e5226d-05dc-4f15-95d7-44f5ed78d06e) |
Attack Pattern |
Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) |
Attack Pattern |
2 |
Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) |
Attack Pattern |
Run Virtual Instance - T1564.006 (b5327dd1-6bf9-4785-a199-25bcbd1f4a9d) |
Attack Pattern |
2 |
System Firmware - T1542.001 (16ab6452-c3c1-497c-a47d-206018ca1ada) |
Attack Pattern |
Pre-OS Boot - T1542 (7f0ca133-88c4-40c6-a62f-b3083a7fbc2e) |
Attack Pattern |
2 |
LSASS Driver - T1547.008 (f0589bc3-a6ae-425a-a3d5-5659bfee07f4) |
Attack Pattern |
Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
2 |
Supply Chain Compromise - T1195 (3f18edba-28f4-4bb9-82c3-8aa60dcac5f7) |
Attack Pattern |
Compromise Software Dependencies and Development Tools - T1195.001 (191cc6af-1bb2-4344-ab5f-28e496638720) |
Attack Pattern |
2 |
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) |
Attack Pattern |
Executable Installer File Permissions Weakness - T1574.005 (70d81154-b187-45f9-8ec5-295d01255979) |
Attack Pattern |
2 |
Trusted Developer Utilities Proxy Execution - T1127 (ff25900d-76d5-449b-a351-8824e62fc81b) |
Attack Pattern |
MSBuild - T1127.001 (c92e3d68-2349-49e4-a341-7edca2deff96) |
Attack Pattern |
2 |
Supply Chain Compromise - T1195 (3f18edba-28f4-4bb9-82c3-8aa60dcac5f7) |
Attack Pattern |
Compromise Software Supply Chain - T1195.002 (bd369cd9-abb8-41ce-b5bb-fff23ee86c00) |
Attack Pattern |
2 |
System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) |
Attack Pattern |
MMC - T1218.014 (ffbcfdb0-de22-4106-9ed3-fc23c8a01407) |
Attack Pattern |
2 |
Application Shimming - T1546.011 (42fe883a-21ea-4cfb-b94a-78b6476dcc83) |
Attack Pattern |
Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) |
Attack Pattern |
2 |
Services File Permissions Weakness - T1574.010 (9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd) |
Attack Pattern |
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) |
Attack Pattern |
2 |
SQL Stored Procedures - T1505.001 (f9e9365a-9ca2-4d9c-8e7c-050d73d1101a) |
Attack Pattern |
Server Software Component - T1505 (d456de47-a16f-4e46-8980-e67478a12dcb) |
Attack Pattern |
2 |
IIS Components - T1505.004 (b46a801b-fd98-491c-a25a-bca25d6e3001) |
Attack Pattern |
Server Software Component - T1505 (d456de47-a16f-4e46-8980-e67478a12dcb) |
Attack Pattern |
2 |
Time Based Evasion - T1497.003 (4bed873f-0b7d-41d4-b93a-b6905d1f90b0) |
Attack Pattern |
Virtualization/Sandbox Evasion - T1497 (82caa33e-d11a-433a-94ea-9b5a5fbef81d) |
Attack Pattern |
2 |