Hide Navigation Hide TOC Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) Comparing the "text" or "code" memory segments to a source of truth. Cluster A Galaxy A Cluster B Galaxy B Level Process Hollowing - T1055.012 (b200542e-e877-4395-875b-cf1a44537ca4) Attack Pattern Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND 1 Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND Exploitation for Credential Access - T1212 (9c306d8d-cde7-4b4c-b6e8-d0bb16caca36) Attack Pattern 1 Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND Exploitation for Client Execution - T1203 (be2dcee9-a7a7-4e38-afd6-21b31ecc3d63) Attack Pattern 1 Exploitation for Privilege Escalation - T1068 (b21c3b2d-02e6-45b1-980b-e69051040839) Attack Pattern Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND 1 Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND Credential API Hooking - T1056.004 (f5946b5e-9408-485f-a7f7-b5efc88909b6) Attack Pattern 1 Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND Exploitation of Remote Services - T1210 (9db0cf3a-a3c9-4012-8268-123b9db6fd82) Attack Pattern 1 Process Code Segment Verification (fbab09d5-0032-5dff-8122-6afeddab8cff) MITRE D3FEND Exploitation for Defense Evasion - T1211 (fe926152-f431-4baf-956c-4ad3cb0bf23b) Attack Pattern 1 Process Hollowing - T1055.012 (b200542e-e877-4395-875b-cf1a44537ca4) Attack Pattern Process Injection - T1055 (43e7dc91-05b2-474c-b9ac-2ed4fe101f4d) Attack Pattern 2 Credential API Hooking - T1056.004 (f5946b5e-9408-485f-a7f7-b5efc88909b6) Attack Pattern Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) Attack Pattern 2