2022-02-20 15:37:38 -05:00
|
|
|
{
|
|
|
|
"type": "bundle",
|
2022-06-30 23:30:18 -04:00
|
|
|
"id": "bundle--9dc44dbc-1527-4635-bafe-eb6f3a723d8e",
|
2022-02-20 15:37:38 -05:00
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "attack-pattern",
|
|
|
|
"spec_version": "2.1",
|
2022-06-30 23:30:18 -04:00
|
|
|
"id": "attack-pattern--5ced2330-8d58-4417-8ae3-ce66cabb513c",
|
|
|
|
"created_by_ref": "identity--6edd4070-0d58-4fcb-a92c-1cd606b1e372",
|
|
|
|
"created": "2022-07-01T03:29:17.112292Z",
|
|
|
|
"modified": "2022-07-01T03:29:17.112292Z",
|
|
|
|
"name": "Organize Events",
|
2022-02-20 15:37:38 -05:00
|
|
|
"description": "TA10",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "mitre-attack",
|
|
|
|
"phase_name": "drive-offline-activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "DISARM",
|
|
|
|
"url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0057.md",
|
|
|
|
"external_id": "T0057"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
2022-06-30 23:30:18 -04:00
|
|
|
"marking-definition--b4a225e6-c764-4dc7-907a-91c3b332d65d"
|
2022-02-20 15:37:38 -05:00
|
|
|
],
|
|
|
|
"x_mitre_is_subtechnique": false,
|
|
|
|
"x_mitre_platforms": [
|
|
|
|
"Windows",
|
|
|
|
"Linux",
|
|
|
|
"Mac"
|
|
|
|
],
|
|
|
|
"x_mitre_version": "1,0"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|