API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962)

API calls utilized by an application that could indicate malicious activity

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Credentials from Password Store - T1634 (cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Hide Artifacts - T1628 (fc53309d-ebd5-4573-9242-57024ebdad4f) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Clipboard Data - T1414 (c4b96c0b-cb58-497a-a1c2-bb447d79d692) | Attack Pattern | 1 |
| Foreground Persistence - T1541 (648f8051-1a35-46d3-b1d8-3a3f5cf2cc8e) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Unix Shell - T1623.001 (693cdbff-ea73-49c6-ac3f-91e7285c31d1) | Attack Pattern | 1 |
| Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Software Packing - T1406.002 (51636761-2e35-44bf-9e56-e337adf97174) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) | Attack Pattern | 1 |
| Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) | Attack Pattern | 1 |
| Compromise Client Software Binary - T1645 (4f14e30b-8b57-4a7b-9093-2c0778ea99cf) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| Compromise Software Dependencies and Development Tools - T1474.001 (7827ced0-95e7-4d05-bdcf-0d8f2d37a3d3) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| System Checks - T1633.001 (6ffad4be-bfe0-424f-abde-4d9a84a800ad) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Data Encrypted for Impact - T1471 (d9e88203-2b5d-405f-a406-2933b1e3d7e4) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Uninstall Malicious Application - T1630.001 (0cdd66ad-26ac-4338-a764-4972a1e17ee3) | Attack Pattern | 1 |
| Ptrace System Calls - T1631.001 (1ff89c1b-7615-4fe8-b9cb-63aaf52e6dee) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Application Versioning - T1661 (28fdd23d-aee3-4afe-bc3f-5f1f52929258) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) | Attack Pattern | 1 |
| Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Command and Scripting Interpreter - T1623 (29f1f56c-7b7a-4c14-9e39-59577ea2743c) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) | Attack Pattern | 1 |
| Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc) | Attack Pattern | 1 |
| Virtualization/Sandbox Evasion - T1633 (27d18e87-8f32-4be1-b456-39b90454360f) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Process Discovery - T1424 (1b51f5bc-b97a-498a-8dbd-bc6b1901bf19) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) | Attack Pattern | 1 |
| Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) | Attack Pattern | API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Screen Capture - T1513 (73c26732-6422-4081-8b63-6d0ae93d449e) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Process Injection - T1631 (b7c0e45f-0206-4f75-96e7-fe7edad3aaff) | Attack Pattern | 1 |
| API Calls (5ae32c6a-2d12-4b8f-81ca-f862f2be0962) | mitre-data-component | Data Destruction - T1662 (9ef14445-6f35-4ed0-a042-5024f13a9242) | Attack Pattern | 1 |
| Command and Scripting Interpreter - T1623 (29f1f56c-7b7a-4c14-9e39-59577ea2743c) | Attack Pattern | Unix Shell - T1623.001 (693cdbff-ea73-49c6-ac3f-91e7285c31d1) | Attack Pattern | 2 |
| Software Packing - T1406.002 (51636761-2e35-44bf-9e56-e337adf97174) | Attack Pattern | Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) | Attack Pattern | 2 |
| Masquerading - T1655 (f856eaab-e84a-4265-a8a2-7bf37e5dc2fc) | Attack Pattern | Match Legitimate Name or Location - T1655.001 (114fed8b-7eed-4136-8b9c-411c5c7fff4b) | Attack Pattern | 2 |
| Compromise Software Dependencies and Development Tools - T1474.001 (7827ced0-95e7-4d05-bdcf-0d8f2d37a3d3) | Attack Pattern | Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) | Attack Pattern | 2 |
| System Checks - T1633.001 (6ffad4be-bfe0-424f-abde-4d9a84a800ad) | Attack Pattern | Virtualization/Sandbox Evasion - T1633 (27d18e87-8f32-4be1-b456-39b90454360f) | Attack Pattern | 2 |
| Indicator Removal on Host - T1630 (0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d) | Attack Pattern | Uninstall Malicious Application - T1630.001 (0cdd66ad-26ac-4338-a764-4972a1e17ee3) | Attack Pattern | 2 |
| Ptrace System Calls - T1631.001 (1ff89c1b-7615-4fe8-b9cb-63aaf52e6dee) | Attack Pattern | Process Injection - T1631 (b7c0e45f-0206-4f75-96e7-fe7edad3aaff) | Attack Pattern | 2 |
| Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) | Attack Pattern | URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) | Attack Pattern | 2 |
| Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) | Attack Pattern | Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) | Attack Pattern | 2 |
| Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) | Attack Pattern | Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) | Attack Pattern | 2 |
| Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) | Attack Pattern | Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) | Attack Pattern | 2 |
| Credentials from Password Store - T1634 (cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3) | Attack Pattern | Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) | Attack Pattern | 2 |
| Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) | Attack Pattern | Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc) | Attack Pattern | 2 |
| Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) | Attack Pattern | Hide Artifacts - T1628 (fc53309d-ebd5-4573-9242-57024ebdad4f) | Attack Pattern | 2 |
| Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) | Attack Pattern | Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) | Attack Pattern | 2 |