Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) |
Attack Pattern |
1 |
Standard Encoding - T1132.001 (04fd5427-79c7-44ea-ae13-11b24778ff1c) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Code Signing - T1553.002 (32901740-b42c-4fdd-bc02-345b5dc57082) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Local Groups - T1069.001 (a01bf75f-00b2-4568-a58f-565ff9bf202b) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
DNS - T1071.004 (1996eef1-ced3-4d7f-bf94-33298cabbf72) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Keylogging - T1056.001 (09a60ea3-a8d1-4ae5-976e-5783248b72a4) |
Attack Pattern |
1 |
PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Data Transfer Size Limits - T1030 (c3888c54-775d-4b2f-b759-75a2ececcbfd) |
Attack Pattern |
1 |
Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth (19d89300-ff97-4281-ac42-76542e744092) |
Malpedia |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
1 |
Encrypted/Encoded File - T1027.013 (0d91b3c0-5e50-47c3-949a-2a796f04d144) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Shortcut Modification - T1547.009 (4ab929c6-ee2d-4fb5-aab4-b14be2ed7179) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Domain Groups - T1069.002 (2aed01ad-3df3-4410-a8cb-11ea4ded587c) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Scheduled Task - T1053.005 (005a06c6-14bf-4118-afa0-ebcd8aebb0c9) |
Attack Pattern |
1 |
Clipboard Data - T1115 (30973a08-aed9-4edf-8604-9084ce1b5c4f) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Local Data Staging - T1074.001 (1c34f7aa-9341-4a48-bfab-af22e51aca6c) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) |
Attack Pattern |
1 |
Automated Collection - T1119 (30208d3e-0d6b-43c8-883e-44462a514619) |
Attack Pattern |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) |
Attack Pattern |
1 |
Helminth - S0170 (eff1a885-6f90-42a1-901f-eef6e7a1905e) |
Malware |
Visual Basic - T1059.005 (dfd7cc1d-e1d8-4394-a198-97c4cab8aa67) |
Attack Pattern |
1 |
Standard Encoding - T1132.001 (04fd5427-79c7-44ea-ae13-11b24778ff1c) |
Attack Pattern |
Data Encoding - T1132 (cc7b8c4e-9be0-47ca-b0bb-83915ec3ee2f) |
Attack Pattern |
2 |
Subvert Trust Controls - T1553 (b83e166d-13d7-4b52-8677-dff90c548fd7) |
Attack Pattern |
Code Signing - T1553.002 (32901740-b42c-4fdd-bc02-345b5dc57082) |
Attack Pattern |
2 |
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) |
Attack Pattern |
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) |
Attack Pattern |
2 |
Local Groups - T1069.001 (a01bf75f-00b2-4568-a58f-565ff9bf202b) |
Attack Pattern |
Permission Groups Discovery - T1069 (15dbf668-795c-41e6-8219-f0447c0e64ce) |
Attack Pattern |
2 |
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) |
Attack Pattern |
DNS - T1071.004 (1996eef1-ced3-4d7f-bf94-33298cabbf72) |
Attack Pattern |
2 |
Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) |
Attack Pattern |
Keylogging - T1056.001 (09a60ea3-a8d1-4ae5-976e-5783248b72a4) |
Attack Pattern |
2 |
PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) |
Attack Pattern |
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) |
Attack Pattern |
2 |
Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
2 |
Encrypted/Encoded File - T1027.013 (0d91b3c0-5e50-47c3-949a-2a796f04d144) |
Attack Pattern |
Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) |
Attack Pattern |
2 |
Shortcut Modification - T1547.009 (4ab929c6-ee2d-4fb5-aab4-b14be2ed7179) |
Attack Pattern |
Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
2 |
Domain Groups - T1069.002 (2aed01ad-3df3-4410-a8cb-11ea4ded587c) |
Attack Pattern |
Permission Groups Discovery - T1069 (15dbf668-795c-41e6-8219-f0447c0e64ce) |
Attack Pattern |
2 |
Scheduled Task/Job - T1053 (35dd844a-b219-4e2b-a6bb-efa9a75995a9) |
Attack Pattern |
Scheduled Task - T1053.005 (005a06c6-14bf-4118-afa0-ebcd8aebb0c9) |
Attack Pattern |
2 |
Local Data Staging - T1074.001 (1c34f7aa-9341-4a48-bfab-af22e51aca6c) |
Attack Pattern |
Data Staged - T1074 (7dd95ff6-712e-4056-9626-312ea4ab4c5e) |
Attack Pattern |
2 |
Encrypted Channel - T1573 (b8902400-e6c5-4ba2-95aa-2d35b442b118) |
Attack Pattern |
Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) |
Attack Pattern |
2 |
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) |
Attack Pattern |
Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161) |
Attack Pattern |
2 |
Visual Basic - T1059.005 (dfd7cc1d-e1d8-4394-a198-97c4cab8aa67) |
Attack Pattern |
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) |
Attack Pattern |
2 |