Malware Trends Report: Q4, 2024
Tags
cmtmf-attack-pattern: Application Layer Protocol; Boot Or Logon Autostart Execution; Command And Scripting Interpreter; Masquerading; Scheduled Task/Job
maec-delivery-vectors: Watering Hole
attack-pattern: Data Application Layer Protocol - T1437; Boot Or Logon Autostart Execution - T1547; Command And Scripting Interpreter - T1623; Create Or Modify System Process - T1543; Credentials From Password Stores - T1555; Credentials From Web Browsers - T1555.003; Credentials From Web Browsers - T1503; Data Destruction - T1662; Data Destruction - T1485; Disable Or Modify Tools - T1562.001; Disable Or Modify Tools - T1629.003; Exploits - T1587.004; Exploits - T1588.005; Hidden Window - T1564.003; Impair Defenses - T1562; Impair Defenses - T1629; Install Root Certificate - T1553.004; Linux And Mac File And Directory Permissions Modification - T1222.002; Malware - T1587.001; Malware - T1588.001; Masquerading - T1655; Match Legitimate Name Or Location - T1036.005; Match Legitimate Name Or Location - T1655.001; System Information Discovery - T1426; Phishing - T1660; Phishing - T1566; Powershell - T1059.001; Registry Run Keys / Startup Folder - T1547.001; Rename System Utilities - T1036.003; Rundll32 - T1218.011; Scheduled Task - T1053.005; Scheduled Task/Job - T1603; Service Execution - T1569.002; Spearphishing Link - T1566.002; Spearphishing Link - T1598.003; System Checks - T1633.001; System Checks - T1497.001; System Services - T1569; Systemd Service - T1543.002; Systemd Service - T1501; Systemd Timers - T1053.006; Windows Command Shell - T1059.003; Unix Shell - T1059.004; Visual Basic - T1059.005; Windows File And Directory Permissions Modification - T1222.001; Virtualization/Sandbox Evasion - T1497; Time Based Evasion - T1497.003; Unix Shell - T1623.001; Virtualization/Sandbox Evasion - T1633; Standard Application Layer Protocol - T1071; Command-Line Interface - T1059; Masquerading - T1036; Powershell - T1086; Remote System Discovery - T1018; Rootkit - T1014; Rundll32 - T1085; Scheduled Task - T1053; Service Execution - T1035; Signed Binary Proxy Execution - T1218; Spearphishing Link - T1192; System Information Discovery - T1082; Data Destruction; Masquerading; Remote System Discovery; Rootkit
Common Information
Type Value
UUID 3d749281-8188-41e3-8286-cd4da859d104
Fingerprint 94650b2aad188719
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 7, 2025, 10:01 a.m.
Added to db Jan. 7, 2025, 12:07 p.m.
Last updated Feb. 12, 2025, 11:32 a.m.
Headline Malware Trends Report: Q4, 2024
Title Malware Trends Report: Q4, 2024
Detected Hints/Tags/Attributes 92/3/21
RSS Feed
Id Enabled Feed title Url Added to db
171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Type Value #Events CTI Value
Domain any.run 1461
MITRE ATT&CK Techniques T1059.003 392
MITRE ATT&CK Techniques T1036.003 43
MITRE ATT&CK Techniques T1566.002 220
MITRE ATT&CK Techniques T1059.001 551
MITRE ATT&CK Techniques T1497.003 74
MITRE ATT&CK Techniques T1547.001 464
MITRE ATT&CK Techniques T1053.005 326
MITRE ATT&CK Techniques T1497.001 116
MITRE ATT&CK Techniques T1553.004 10
MITRE ATT&CK Techniques T1218.011 145
MITRE ATT&CK Techniques T1569.002 198
MITRE ATT&CK Techniques T1036.005 209
MITRE ATT&CK Techniques T1053.006 11
MITRE ATT&CK Techniques T1543.002 30
MITRE ATT&CK Techniques T1059.005 165
MITRE ATT&CK Techniques T1562.001 355
MITRE ATT&CK Techniques T1222.001 28
MITRE ATT&CK Techniques T1059.004 105
MITRE ATT&CK Techniques T1222.002 45
MITRE ATT&CK Techniques T1564.003 80