Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1059 | .003 | Command and Scripting Interpreter: Windows Command Shell | |
Enterprise | T1573 | .002 | Encrypted Channel: Asymmetric Cryptography |
adbupd contains a copy of the OpenSSL library to encrypt C2 traffic.[1] |
Enterprise | T1546 | .003 | Event Triggered Execution: Windows Management Instrumentation Event Subscription |