Isolatesubtechnique
D3-FMVVFile Metadata Value Verification
Definition
The process of checking specific static values within a file, such as file signatures or magic numbers, to ensure they match the expected values defined by the file format specification.
Defends against99
| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Office Template Macrost1137.001 | 100% | live |
| SubTechnique | Archive via Utilityt1560.001 | 100% | live |
| SubTechnique | Proc Memoryt1055.009 | 100% | live |
| SubTechnique | Archive via Libraryt1560.002 | 100% | live |
| SubTechnique | MSBuildt1127.001 | 100% | live |
| SubTechnique | Credentials In Filest1552.001 | 100% | live |
| SubTechnique | Credentials from Web Browserst1555.003 | 100% | live |
| SubTechnique | Software Packingt1027.002 | 100% | live |
| SubTechnique | RC Scriptst1037.004 | 100% | live |
| SubTechnique | Password Filter DLLt1556.002 | 100% | live |
| SubTechnique | Dynamic Linker Hijackingt1574.006 | 100% | live |
| SubTechnique | Outlook Formst1137.003 | 100% | live |
| SubTechnique | Thread Execution Hijackingt1055.003 | 100% | live |
| Technique | Credentials from Password Storest1555 | 100% | live |
| SubTechnique | Binary Paddingt1027.001 | 100% | live |
| SubTechnique | Run Virtual Instancet1564.006 | 100% | live |
| SubTechnique | Exfiltration Over Asymmetric Encrypted Non-C2 Protocolt1048.002 | 100% | live |
| SubTechnique | Spearphishing via Servicet1566.003 | 100% | live |
| Technique | Steal or Forge Authentication Certificatest1649 | 100% | live |
| SubTechnique | Network Logon Scriptt1037.003 | 100% | live |
| SubTechnique | Compile After Deliveryt1027.004 | 100% | live |
| SubTechnique | LSASS Drivert1547.008 | 100% | live |
| SubTechnique | Space after Filenamet1036.006 | 100% | live |
| SubTechnique | Bash Historyt1552.003 | 100% | live |
| SubTechnique | Trapt1546.005 | 100% | live |
| SubTechnique | Spearphishing Attachmentt1566.001 | 100% | live |
| SubTechnique | Screensavert1546.002 | 100% | live |
| SubTechnique | AppCert DLLst1546.009 | 100% | live |
| SubTechnique | Local Email Collectiont1114.001 | 100% | live |
| SubTechnique | PowerShell Profilet1546.013 | 100% | live |
Showing top 30 of 99 by confidence. Click any target to see the full neighbourhood.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.