Isolate · subtechnique

D3-FMBV File Magic Byte Verification

Definition

Utilizing the magic number to verify the file

Defends against · 99

Type | Target | ID | Confidence | Tier
SubTechnique | RC Scripts | t1037.004 | 100% | live
SubTechnique | Compile After Delivery | t1027.004 | 100% | live
SubTechnique | Archive via Utility | t1560.001 | 100% | live
SubTechnique | Screensaver | t1546.002 | 100% | live
SubTechnique | Clear Linux or Mac System Logs | t1070.002 | 100% | live
SubTechnique | AppInit DLLs | t1546.010 | 100% | live
SubTechnique | Local Email Collection | t1114.001 | 100% | live
SubTechnique | Hidden Users | t1564.002 | 100% | live
Technique | Exfiltration Over C2 Channel | t1041 | 100% | live
SubTechnique | Accessibility Features | t1546.008 | 100% | live
SubTechnique | Credentials from Web Browsers | t1555.003 | 100% | live
SubTechnique | Network Logon Script | t1037.003 | 100% | live
SubTechnique | Hidden Window | t1564.003 | 100% | live
Technique | Rootkit | t1014 | 100% | live
SubTechnique | Sudo and Sudo Caching | t1548.003 | 100% | live
SubTechnique | Login Hook | t1037.002 | 100% | live
Technique | System Network Configuration Discovery | t1016 | 100% | live
Technique | Archive Collected Data | t1560 | 100% | live
SubTechnique | Rundll32 | t1218.011 | 100% | live
Technique | Forced Authentication | t1187 | 100% | live
SubTechnique | Dylib Hijacking | t1574.004 | 100% | live
SubTechnique | Impair Command History Logging | t1562.003 | 100% | live
SubTechnique | Path Interception by Unquoted Path | t1574.009 | 100% | live
SubTechnique | Bash History | t1552.003 | 100% | live
SubTechnique | VDSO Hijacking | t1055.014 | 100% | live
SubTechnique | Proc Memory | t1055.009 | 100% | live
SubTechnique | Emond | t1546.014 | 100% | live
SubTechnique | Plist Modification | t1547.011 | 100% | live
SubTechnique | Outlook Forms | t1137.003 | 100% | live
SubTechnique | Binary Padding | t1027.001 | 100% | live

Showing top 30 of 99 by confidence.

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence: File Metadata Value Verification
Defence: File Format Verification
Defence: File Internal Structure Verification
Defence: File Metadata Consistency Validation
Defence: File Hashing
Defence: Firmware Verification

Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.