Isolatesubtechnique

D3-CNRContent Rebuild

Definition

Rebuild the file according to the spec so any unreferenced components or objects are removed.

Defends against99

TypeTargetConfidenceTier
SubTechniqueInvalid Code Signaturet1036.001100%live
SubTechniqueThread Execution Hijackingt1055.003100%live
SubTechniqueLogon Script (Windows)t1037.001100%live
SubTechniqueSystemd Servicet1543.002100%live
SubTechniqueLC_LOAD_DYLIB Additiont1546.006100%live
SubTechniqueAppInit DLLst1546.010100%live
SubTechniqueNetwork Logon Scriptt1037.003100%live
SubTechniqueSpearphishing Linkt1566.002100%live
TechniqueExfiltration Over C2 Channelt1041100%live
TechniqueFile and Directory Discoveryt1083100%live
TechniqueCommand and Scripting Interpretert1059100%live
SubTechniqueArchive via Utilityt1560.001100%live
SubTechniqueSpace after Filenamet1036.006100%live
SubTechniqueRegistry Run Keys / Startup Foldert1547.001100%live
SubTechniqueArchive via Libraryt1560.002100%live
SubTechniqueWeb Protocolst1071.001100%live
SubTechniqueAccessibility Featurest1546.008100%live
SubTechniquePath Interception by Unquoted Patht1574.009100%live
TechniqueCredentials from Password Storest1555100%live
SubTechniqueLaunch Daemont1543.004100%live
SubTechniqueHidden Userst1564.002100%live
SubTechniqueRundll32t1218.011100%live
TechniqueInternal Spearphishingt1534100%live
SubTechniqueLSASS Drivert1547.008100%live
SubTechniquePluggable Authentication Modulest1556.003100%live
TechniqueDeobfuscate/Decode Files or Informationt1140100%live
SubTechniquePath Interception by Search Order Hijackingt1574.008100%live
SubTechniqueDynamic Linker Hijackingt1574.006100%live
TechniqueForced Authenticationt1187100%live
SubTechniqueAsymmetric Cryptographyt1573.002100%live

Showing top 30 of 99 by confidence. Click any target to see the full neighbourhood.

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Content Modification
Defence
Content Excision
Defence
Content Validation
Defence
Content Format Conversion
Defence
Content Substitution
Defence
File Content Rules
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.