# Counter C00182: Redirection / malware detection/ remediation

* **Summary**: Detect redirection or malware, then quarantine or delete.
* **Playbooks**:
* **Metatechnique**: M005 - removal
* **Resources needed:**
* **Belongs to tactic stage**: TA09

| Actor types | Sectors |
| ----------- | ------- |
| [A027 information security](../generated_pages/actortypes/A027.md) | S008 |

| Counters these Tactics |
| ---------------------- |

| Counters these Techniques |
| ------------------------- |
| [T0011 Compromise legitimate accounts](../generated_pages/techniques/T0011.md) |

| Seen in incidents |
| ----------------- |

DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW