Obfuscate or encrypt code

From pre-attack
Jump to: navigation, search


Obfuscate or encrypt code
Technique
ID PRE-T1096
Tactic Adversary OPSEC

Definition

Obfuscation is the act of creating code that is more difficult to understand. Encoding transforms the code using a publicly available format. Encryption transforms the code such that it requires a key to reverse the encryption.1

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Various solutions exist for the adversary to use. This technique is commonly used to prevent attribution and evade detection.

Detection

Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Detecting encryption is easy, decrypting/deobfuscating is hard.