Threats Library
Reusable threat definitions (causes on the left side of bow-tie diagrams).
Add Threat
Tags:
clear tags
15 threats — page 1 of 1
| Name | Category | Tags | Description | |
|---|---|---|---|---|
| System Binary Proxy Execution | Defense Evasion | Adversaries may bypass process and/or signature-based defenses by proxying execution of malicious co… | Edit | |
| System Binary Proxy Execution: CMSTP | Defense Evasion | Adversaries may abuse CMSTP to proxy execution of malicious code. The Microsoft Connection Manager P… | Edit | |
| System Binary Proxy Execution: Compiled HTML File | Defense Evasion | Adversaries may abuse Compiled HTML files (.chm) to conceal malicious code. CHM files are commonly d… | Edit | |
| System Binary Proxy Execution: Control Panel | Defense Evasion | Adversaries may abuse control.exe to proxy execution of malicious payloads. The Windows Control Pane… | Edit | |
| System Binary Proxy Execution: Electron Applications | Defense Evasion | Adversaries may abuse components of the Electron framework to execute malicious code. The Electron f… | Edit | |
| System Binary Proxy Execution: InstallUtil | Defense Evasion | Adversaries may use InstallUtil to proxy execution of code through a trusted Windows utility. Instal… | Edit | |
| System Binary Proxy Execution: MMC | Defense Evasion | Adversaries may abuse mmc.exe to proxy execution of malicious .msc files. Microsoft Management Conso… | Edit | |
| System Binary Proxy Execution: Mavinject | Defense Evasion | Adversaries may abuse mavinject.exe to proxy execution of malicious code. Mavinject.exe is the Micro… | Edit | |
| System Binary Proxy Execution: Mshta | Defense Evasion | Adversaries may abuse mshta.exe to proxy execution of malicious .hta files and Javascript or VBScrip… | Edit | |
| System Binary Proxy Execution: Msiexec | Defense Evasion | Adversaries may abuse msiexec.exe to proxy execution of malicious payloads. Msiexec.exe is the comma… | Edit | |
| System Binary Proxy Execution: Odbcconf | Defense Evasion | Adversaries may abuse odbcconf.exe to proxy execution of malicious payloads. Odbcconf.exe is a Windo… | Edit | |
| System Binary Proxy Execution: Regsvcs/Regasm | Defense Evasion | Adversaries may abuse Regsvcs and Regasm to proxy execution of code through a trusted Windows utilit… | Edit | |
| System Binary Proxy Execution: Regsvr32 | Defense Evasion | Adversaries may abuse Regsvr32.exe to proxy execution of malicious code. Regsvr32.exe is a command-l… | Edit | |
| System Binary Proxy Execution: Rundll32 | Defense Evasion | Adversaries may abuse rundll32.exe to proxy execution of malicious code. Using rundll32.exe, vice ex… | Edit | |
| System Binary Proxy Execution: Verclsid | Defense Evasion | Adversaries may abuse verclsid.exe to proxy execution of malicious code. Verclsid.exe is known as th… | Edit |