Detecttechnique
D3-FIMFile Integrity Monitoring
File Integrity Monitoring
Definition
Detecting any suspicious changes to files in a computer system.
Defends against99
| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Local Data Stagingt1074.001 | 100% | live |
| Technique | Steal or Forge Authentication Certificatest1649 | 100% | live |
| SubTechnique | Mshtat1218.005 | 100% | live |
| SubTechnique | Rename System Utilitiest1036.003 | 100% | live |
| Technique | System Network Configuration Discoveryt1016 | 100% | live |
| SubTechnique | Web Protocolst1071.001 | 100% | live |
| Technique | Data Encrypted for Impactt1486 | 100% | live |
| Technique | XSL Script Processingt1220 | 100% | live |
| SubTechnique | Office Template Macrost1137.001 | 100% | live |
| SubTechnique | Launch Daemont1543.004 | 100% | live |
| SubTechnique | Local Email Collectiont1114.001 | 100% | live |
| SubTechnique | Network Logon Scriptt1037.003 | 100% | live |
| Technique | Data from Local Systemt1005 | 100% | live |
| SubTechnique | Registry Run Keys / Startup Foldert1547.001 | 100% | live |
| Technique | Archive Collected Datat1560 | 100% | live |
| SubTechnique | Pluggable Authentication Modulest1556.003 | 100% | live |
| SubTechnique | Credentials from Web Browserst1555.003 | 100% | live |
| SubTechnique | Portable Executable Injectiont1055.002 | 100% | live |
| SubTechnique | Web Shellt1505.003 | 100% | live |
| SubTechnique | Emondt1546.014 | 100% | live |
| Technique | Exfiltration Over C2 Channelt1041 | 100% | live |
| SubTechnique | Accessibility Featurest1546.008 | 100% | live |
| SubTechnique | Plist Modificationt1547.011 | 100% | live |
| SubTechnique | MSBuildt1127.001 | 100% | live |
| SubTechnique | Proc Filesystemt1003.007 | 100% | live |
| Technique | Internal Spearphishingt1534 | 100% | live |
| SubTechnique | VBA Stompingt1564.007 | 100% | live |
| SubTechnique | Outlook Formst1137.003 | 100% | live |
| SubTechnique | Spearphishing Attachmentt1566.001 | 100% | live |
| SubTechnique | RC Scriptst1037.004 | 100% | live |
Showing top 30 of 99 by confidence. Click any target to see the full neighbourhood.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.