| Scheduled Task/Job - T1053 (35dd844a-b219-4e2b-a6bb-efa9a75995a9) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| 8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
Indirect Command Execution - T1202 (3b0e52ce-517a-4614-a523-1bd5deef6c5e) |
Attack Pattern |
1 |
| Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Virtualization/Sandbox Evasion - T1497 (82caa33e-d11a-433a-94ea-9b5a5fbef81d) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Shared Modules - T1129 (0a5231ec-41af-4a35-83d0-6bdf11f28c65) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Data from Local System - T1005 (3c4a2599-71ee-4405-ba1e-0e28414b4bc5) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Software Packing - T1027.002 (deb98323-e13f-4b0c-8d94-175379069062) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Network Share Discovery - T1135 (3489cfc5-640f-4bb3-a103-9137b97de79f) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Data Staged - T1074 (7dd95ff6-712e-4056-9626-312ea4ab4c5e) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| 8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) |
Attack Pattern |
1 |
| Data Encrypted for Impact - T1486 (b80d107d-fa0d-4b60-9684-b0433e8bdba0) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| 8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) |
Attack Pattern |
1 |
| OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Inhibit System Recovery - T1490 (f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Security Software Discovery - T1518.001 (cba37adb-d6fb-4610-b069-dd04c0643384) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Taint Shared Content - T1080 (246fd3c7-f5e3-466d-8787-4c13d9e3b61c) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Data Destruction - T1485 (d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) |
Attack Pattern |
8base (1cc6ada3-a632-54a4-9df1-f41287e3f566) |
Ransomware |
1 |
| Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279) |
Attack Pattern |
Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf) |
Attack Pattern |
2 |
| Software Packing - T1027.002 (deb98323-e13f-4b0c-8d94-175379069062) |
Attack Pattern |
Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) |
Attack Pattern |
2 |
| Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) |
Attack Pattern |
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) |
Attack Pattern |
2 |
| Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
Token Impersonation/Theft - T1134.001 (86850eff-2729-40c3-b85e-c4af26da4a2d) |
Attack Pattern |
2 |
| Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) |
Attack Pattern |
Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) |
Attack Pattern |
2 |
| File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) |
Attack Pattern |
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
2 |
| Software Discovery - T1518 (e3b6daca-e963-4a69-aee6-ed4fd653ad58) |
Attack Pattern |
Security Software Discovery - T1518.001 (cba37adb-d6fb-4610-b069-dd04c0643384) |
Attack Pattern |
2 |