Isolatesubtechnique
D3-FISVFile Internal Structure Verification
Definition
The process of checking specific static values within a file, such as file signatures or magic numbers, to ensure they match the expected values defined by the file format specification.
Defends against99
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Technique | Archive Collected Datat1560 | 100% | live |
| SubTechnique | VDSO Hijackingt1055.014 | 100% | live |
| SubTechnique | Impair Command History Loggingt1562.003 | 100% | live |
| SubTechnique | Credentials In Filest1552.001 | 100% | live |
| SubTechnique | Trapt1546.005 | 100% | live |
| SubTechnique | Unix Shell Configuration Modificationt1546.004 | 100% | live |
| Technique | Steal or Forge Authentication Certificatest1649 | 100% | live |
| SubTechnique | Compile After Deliveryt1027.004 | 100% | live |
| SubTechnique | Local Email Collectiont1114.001 | 100% | live |
| Technique | Data Encrypted for Impactt1486 | 100% | live |
| Technique | XSL Script Processingt1220 | 100% | live |
| SubTechnique | Proc Filesystemt1003.007 | 100% | live |
| Technique | Remote System Discoveryt1018 | 100% | live |
| SubTechnique | Plist Modificationt1547.011 | 100% | live |
| SubTechnique | Logon Script (Windows)t1037.001 | 100% | live |
| SubTechnique | Web Protocolst1071.001 | 100% | live |
| SubTechnique | Systemd Servicet1543.002 | 100% | live |
| Technique | System Owner/User Discoveryt1033 | 100% | live |
| Technique | Credentials from Password Storest1555 | 100% | live |
| SubTechnique | Dynamic Linker Hijackingt1574.006 | 100% | live |
| SubTechnique | PowerShell Profilet1546.013 | 100% | live |
| SubTechnique | Portable Executable Injectiont1055.002 | 100% | live |
| SubTechnique | Malicious Filet1204.002 | 100% | live |
| SubTechnique | Launch Agentt1543.001 | 100% | live |
| SubTechnique | Launch Daemont1543.004 | 100% | live |
| SubTechnique | Thread Execution Hijackingt1055.003 | 100% | live |
| SubTechnique | Launchdt1053.004 | 100% | live |
| SubTechnique | Office Template Macrost1137.001 | 100% | live |
| SubTechnique | Outlook Formst1137.003 | 100% | live |
| SubTechnique | Dylib Hijackingt1574.004 | 100% | live |
Showing top 30 of 99 by confidence. Click any target to see the full neighbourhood.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.