Execution
The adversary is trying to run malicious code.
| Technique-ID | Title | Description |
|---|---|---|
| ATE-034 | Command and Scripting Interpreter |
Attackers exploit command and script interpreters to execute commands, scripts, or binaries. These interpreters are fundamental tools for interacting with computer systems and can be found on various platforms. |
| ATE-035 | Inter-process Communication: D-Bus |
D-Bus is a communication protocol that facilitates data exchange between various software components within the vehicle, enhancing interoperability and enabling event-driven communication |
| ATE-036 | Native API |
Adversaries use the native OS application programming interface (API) to perform various actions. Native APIs allow controlled access to low-level OS services, including hardware, memory, and processes. These APIs are essential during system boot and regular operations. |
| ATE-037 | Scheduled Task/Job |
Attackers use the task scheduling feature to execute malicious code, either as a one-time event or at recurring intervals. Task scheduling is used to achieve persistence by running programs at system startup or on a schedule. It can also allow them to run processes using specific user account contexts, perhaps with elevated privileges. |
| ATE-038 | User Execution |
Users are tricked into taking actions using social engineering that result in the execution of malware or other malicious activities. Users are manipulated through phishing, vishing (voice phishing) or other forms of interaction. |