Obfuscate or encrypt code

Obfuscation is the act of creating code that is more difficult to understand. Encoding transforms the code using a publicly available format. Encryption transforms the code such that it requires a key to reverse the encryption. [1]

ID: T1319

Tactic: Adversary Opsec

Version: 1.0

Detection

Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Detecting encryption is easy, decrypting/deobfuscating is hard.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Various solutions exist for the adversary to use. This technique is commonly used to prevent attribution and evade detection.

References

  1. CYLANCE. (n.d.). Operation Cleaver. Retrieved March 6, 2017.