Threats Library

Reusable threat definitions (causes on the left side of bow-tie diagrams).

13 threats

| Name | Category | Tags | Description |
| --- | --- | --- | --- |
| Masquerading | Defense Evasion | | Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or … |
| Masquerading: Break Process Trees | Defense Evasion | | An adversary may attempt to evade process tree-based analysis by modifying executed malware's parent… |
| Masquerading: Browser Fingerprint | Defense Evasion | | Adversaries may attempt to blend in with legitimate traffic by spoofing browser and system attribute… |
| Masquerading: Double File Extension | Defense Evasion | | Adversaries may abuse a double extension in the filename as a means of masquerading the true file ty… |
| Masquerading: Invalid Code Signature | Defense Evasion | | Adversaries may attempt to mimic features of valid code signatures to increase the chance of deceivi… |
| Masquerading: Masquerade Account Name | Defense Evasion | | Adversaries may match or approximate the names of legitimate accounts to make newly created ones app… |
| Masquerading: Masquerade File Type | Defense Evasion | | Adversaries may masquerade malicious payloads as legitimate files through changes to the payload's f… |
| Masquerading: Masquerade Task or Service | Defense Evasion | | Adversaries may attempt to manipulate the name of a task or service to make it appear legitimate or … |
| Masquerading: Match Legitimate Resource Name or Location | Defense Evasion | | Adversaries may match or approximate the name or location of legitimate files, Registry keys, or oth… |
| Masquerading: Overwrite Process Arguments | Defense Evasion | | Adversaries may modify a process's in-memory arguments to change its name in order to appear as a le… |
| Masquerading: Rename Legitimate Utilities | Defense Evasion | | Adversaries may rename legitimate / system utilities to try to evade security mechanisms concerning … |
| Masquerading: Right-to-Left Override | Defense Evasion | | Adversaries may abuse the right-to-left override (RTLO or RLO) character (U+202E) to disguise a stri… |
| Masquerading: Space after Filename | Defense Evasion | | Adversaries can hide a program's true filetype by changing the extension of a file. With certain fil… |