Duplicate Rows for Yaron

From ema
Revision as of 11:21, 14 November 2017 by Bclemente (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

_pageName Association Type Associated Page
_pageName Association Type Associated Page
Screen Resolution Testing Behavior sandbox detect & evade
Effects Attribute erasure scope
Self Debugging Behavior debugger prevention
& Obfuscated Files or Information Capability Anti-Static Analysis
+ analysis tool discovery Capability Discovery
Timing/Up-time Check Behavior debugger detect & evade
Timing/Date Checks Behavior debugger detect & evade
c2 communication Capability Command and Control
Lateral Movement Attribute scope
Lateral Movement Attribute infection targeting
Lateral Movement Attribute autonomy
Lateral Movement Attribute targeted file type
Lateral Movement Attribute targeted file architecture type
Lateral Movement Attribute file infection type
Lateral Movement Attribute file modification type
Execution Attribute trigger type
& Software Packing Capability Anti-Static Analysis
Exfiltration Attribute targeted website
& Rootkit Capability Defense Evasion
Persistence Attribute scope
Command and Control Attribute frequency
Command and Control Attribute port number
Command and Control Attribute technique
Command and Control Attribute applicable platform
Command and Control Attribute network protocol
Command and Control Attribute encryption algorithm
+ private api exploitation (Mobile) Capability Persistence
& Hooking Capability Anti-Behavioral Analysis
+ surreptitious application installation Capability Persistence
Monitoring thread Behavior debugger detect & evade
debugger obstruction Attribute port number
debugger obstruction Capability Anti-Behavioral Analysis
Interrupt Hooking Behavior debugger prevention
sandbox prevention Capability Anti-Behavioral Analysis
+ malicious network driver Capability Persistence
+ windows shutdown event Capability Persistence
illusionary issues Capability Anti-Behavioral Analysis
polymorphic code Capability Defense Evasion
& Component Firmware Capability Persistence
code optimization Capability Anti-Static Analysis
resource compression Capability Anti-Static Analysis
virtualized code Capability Anti-Static Analysis
virtualized code Capability Anti-Behavioral Analysis
exploitation for analysis evasion Capability Anti-Behavioral Analysis
Product Key/ID Testing Behavior sandbox detect & evade
Injected DLL Testing Behavior sandbox detect & evade
Guest Process Testing Behavior virtual machine detect & evade
HTML5 Performance Object Behavior virtual machine detect & evade
Named System Object Checks Behavior virtual machine detect & evade
CryptoAPI Behavior & Encrypt Files for Ransom (mobile)
Process Environment Block (PEB) Behavior debugger detect & evade
API Call: IsDebuggerPresent Behavior debugger detect & evade
Control Graph Flattening Behavior linear disassembler prevention
& Encrypt Files for Ransom (mobile) Attribute technique
& Encrypt Files for Ransom (mobile) Attribute applicable platform
& Encrypt Files for Ransom (mobile) Attribute encryption algorithm
& Encrypt Files for Ransom (mobile) Capability Effects
+ send email Attribute network protocol
+ send email Capability Execution
+ manipulate network traffic Capability Effects
+ compromise data integrity Capability Effects
suicide exit Attribute trigger type
suicide exit Capability Execution
+ install secondary program Capability Execution
+ install secondary program Capability Persistence
delete SMS warning messages Capability Defense Evasion
& Disabling Security Tools Capability Defense Evasion
memory dump obstruction Capability Anti-Behavioral Analysis
+ SMTP connection discovery Capability Discovery
& Lock User Out of Device (mobile) Capability Effects
+ hijack system resources Capability Effects
& Generate Fraudulent Advertising Revenue (mobile) Capability Effects
& Wipe Device Data (mobile) Capability Effects
+ destroy hardware Capability Effects
secondary CPU execution Capability Defense Evasion
& Bootkit Capability Defense Evasion
flow-oriented disassembler prevention Capability Anti-Static Analysis
call graph prevention Capability Anti-Static Analysis
linear disassembler prevention Capability Anti-Static Analysis
debugger prevention Capability Anti-Behavioral Analysis
sandbox detect & evade Attribute technique
sandbox detect & evade Attribute applicable platform
sandbox detect & evade Attribute targeted sandbox
sandbox detect & evade Capability Anti-Behavioral Analysis
sandbox obstruction Attribute targeted sandbox
sandbox obstruction Capability Anti-Behavioral Analysis
virtual machine detect & evade Attribute technique
virtual machine detect & evade Attribute applicable platform
virtual machine detect & evade Attribute targeted VM
virtual machine detect & evade Capability Anti-Behavioral Analysis
domain name generation Capability Command and Control
debugger detect & evade Attribute technique
debugger detect & evade Attribute applicable platform
debugger detect & evade Capability Anti-Behavioral Analysis
code encryption Attribute encryption algorithm
prevent concurrent execution Capability Execution
emulator detect & evade Capability Anti-Behavioral Analysis
Timing/Delay Checks Behavior debugger detect & evade
Timing/Date Checks Behavior sandbox detect & evade
emulator prevention Capability Anti-Behavioral Analysis

More...

Retrieved from "https://collaborate.mitre.org/ema/index.php?title=Duplicate_Rows_for_Yaron&oldid=6362"