MITRE ATT&CK T1036 Masquerading
As a defense evasion technique, adversaries change features of their malicious artifacts with legitimate and trusted ones. Code signatures, names and location of malware files, names of tasks and services are some examples of these features. After masquerading, malicious artifacts of adversaries such as malware files appear legitimate to users and security controls.
In this article, we review:
- the fundamentals of the Masquerading technique
- features manipulated by adversaries for Masquerading
- its use cases by threat actors and malware
- Red team exercises for this technique
Adversaries masquerade their malicious artifacts, such as malware files and processes, as legitimate software and processes to evade detection by users and security controls. ...read more!