MITRE ATT&CK T1036 Masquerading

picus Logo 2019As a defense evasion technique, adversaries change features of their malicious artifacts with legitimate and trusted ones. Code signatures, names and location of malware files, names of tasks and services are some examples of these features. After masquerading, malicious artifacts of adversaries such as malware files appear legitimate to users and security controls.


In this article, we review:

  • the fundamentals of the Masquerading technique
  • features manipulated by adversaries for Masquerading
  • its use cases by threat actors and malware
  • Red team exercises for this technique

Adversaries masquerade their malicious artifacts, such as malware files and processes, as legitimate software and processes to evade detection by users and security controls. more!

Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn


ectacom GmbH
+43 664 42 20 555
Am Europlatz 2
A-1120 Wien


ectacom Salesoffice
+48 501 295 580
This email address is being protected from spambots. You need JavaScript enabled to view it.