adpare
53 lines
2.4 KiB
JSON
53 lines
2.4 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--26cf0721-76f2-4ff9-87be-cb28bc7ce6c7",
|
|
"spec_version": "2.0",
|
|
"objects": [
|
|
{
|
|
"type": "attack-pattern",
|
|
"id": "attack-pattern--2ccc3d39-9598-4d32-9657-42e1c7095d26",
|
|
"created": "2022-04-05T19:57:15.734Z",
|
|
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"revoked": false,
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"url": "https://attack.mitre.org/techniques/T1637",
|
|
"external_id": "T1637"
|
|
},
|
|
{
|
|
"source_name": "Data Driven Security DGA",
|
|
"description": "Jacobs, J. (2014, October 2). Building a DGA Classifier: Part 2, Feature Engineering. Retrieved February 18, 2019.",
|
|
"url": "https://datadrivensecurity.info/blog/posts/2014/Oct/dga-part2/"
|
|
}
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
|
|
],
|
|
"modified": "2025-10-24T17:48:34.706Z",
|
|
"name": "Dynamic Resolution",
|
|
"description": "Adversaries may dynamically establish connections to command and control infrastructure to evade common detections and remediations. This may be achieved by using malware that shares a common algorithm with the infrastructure the adversary uses to receive the malware's communications. This algorithm can be used to dynamically adjust parameters such as the domain name, IP address, or port number the malware uses for command and control.",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "mitre-mobile-attack",
|
|
"phase_name": "command-and-control"
|
|
}
|
|
],
|
|
"x_mitre_attack_spec_version": "3.2.0",
|
|
"x_mitre_deprecated": false,
|
|
"x_mitre_domains": [
|
|
"mobile-attack"
|
|
],
|
|
"x_mitre_is_subtechnique": false,
|
|
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"x_mitre_platforms": [
|
|
"Android",
|
|
"iOS"
|
|
],
|
|
"x_mitre_version": "1.1",
|
|
"x_mitre_tactic_type": [
|
|
"Post-Adversary Device Access"
|
|
]
|
|
}
|
|
]
|
|
} |