Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1189 | Drive-by Compromise |
POORAIM has been delivered through compromised sites acting as watering holes.[1] |
|
Enterprise | T1083 | File and Directory Discovery | ||
Enterprise | T1057 | Process Discovery | ||
Enterprise | T1113 | Screen Capture | ||
Enterprise | T1082 | System Information Discovery |
POORAIM can identify system information, including battery status.[1] |
|
Enterprise | T1102 | .002 | Web Service: Bidirectional Communication |