ATT&CK v18 has been released! Check out the blog post or changelog for more information.

Malware Metadata

Contextual data about a malicious payload, such as compilation times, file hashes, as well as watermarks or other identifiable configuration information

ID: DC0003

Domains: Enterprise

Version: 2.0

Created: 20 October 2021

Last Modified: 21 October 2025

Log Sources

Name	Channel
Malware Repository	None

Detection Strategy

ID	Name	Technique Detected
DET0833	Detection of Code Signing Certificates	T1587.002
DET0875	Detection of Code Signing Certificates	T1588.003
DET0853	Detection of Develop Capabilities	T1587
DET0872	Detection of Malware	T1587.001
DET0845	Detection of Malware	T1588.001
DET0850	Detection of Obtain Capabilities	T1588
DET0852	Detection of Tool	T1588.002