| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 8 | 3 | 6 | 1 | 1 |
| Use-Case | Activity Types/Parsers | MITRE ATT&CK® TTP | Content |
|---|---|---|---|
| Evasion | registry-write ↳google-gplus-sk4-app-activity-gplus |
T1564.001 - T1564.001 T1564.002 - T1564.002 |
|
| Malware | registry-write ↳google-gplus-sk4-app-activity-gplus |
T1112 - Modify Registry T1547.001 - T1547.001 T1574.010 - T1574.010 T1574.011 - T1574.011 |
|
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Hijack Execution Flow Boot or Logon Autostart Execution |
Hijack Execution Flow Boot or Logon Autostart Execution |
Hide Artifacts Modify Registry Hijack Execution Flow |