| Deobfuscate/Decode Files or Information - T1140 (3ccef7ae-cb5e-48f6-8302-897105fbf55c) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Encrypted/Encoded File - T1027.013 (0d91b3c0-5e50-47c3-949a-2a796f04d144) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| System Network Configuration Discovery - T1016 (707399d6-ab3e-4963-9315-d9d3818cd6a0) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
Create Process with Token - T1134.002 (677569f9-a8b0-459e-ab24-7f18091fa7bf) |
Attack Pattern |
1 |
| Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Data from Removable Media - T1025 (1b7ba276-eedc-4951-a762-0ceea2c030ec) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Screen Capture - T1113 (0259baeb-9f63-4c69-bf10-eb038c390688) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Native API - T1106 (391d824f-0ef1-47a0-b0ee-c59a75e27670) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
Domain Generation Algorithms - T1568.002 (118f61a5-eb3e-4fb6-931f-2096647f4ecd) |
Attack Pattern |
1 |
| Application Window Discovery - T1010 (4ae4f953-fe58-4cc8-a327-33257e30a830) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Proxy - T1090 (731f4f55-b6d0-41d1-a7a9-072a66389aea) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Archive Collected Data - T1560 (53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) |
Attack Pattern |
1 |
| Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
Dynamic-link Library Injection - T1055.001 (f4599aa0-4f85-4a32-80ea-fc39dc965945) |
Attack Pattern |
1 |
| System Network Connections Discovery - T1049 (7e150503-88e7-4861-866b-ff1ac82c4475) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) |
Attack Pattern |
1 |
| Non-Application Layer Protocol - T1095 (c21d5a77-d422-4a69-acd7-2c53c1faa34b) |
Attack Pattern |
Aria-body - S0456 (3161d76a-e2b2-4b97-9906-24909b735386) |
Malware |
1 |
| Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
2 |
| Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) |
Attack Pattern |
Encrypted/Encoded File - T1027.013 (0d91b3c0-5e50-47c3-949a-2a796f04d144) |
Attack Pattern |
2 |
| Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
Create Process with Token - T1134.002 (677569f9-a8b0-459e-ab24-7f18091fa7bf) |
Attack Pattern |
2 |
| Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
2 |
| Dynamic Resolution - T1568 (7bd9c723-2f78-4309-82c5-47cad406572b) |
Attack Pattern |
Domain Generation Algorithms - T1568.002 (118f61a5-eb3e-4fb6-931f-2096647f4ecd) |
Attack Pattern |
2 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) |
Attack Pattern |
2 |
| Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) |
Attack Pattern |
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) |
Attack Pattern |
2 |
| Process Injection - T1055 (43e7dc91-05b2-474c-b9ac-2ed4fe101f4d) |
Attack Pattern |
Dynamic-link Library Injection - T1055.001 (f4599aa0-4f85-4a32-80ea-fc39dc965945) |
Attack Pattern |
2 |