DISARMframeworks/generated_files/DISARM_STIX/attack-pattern/attack-pattern--504c61d2-013a-49c5-89b3-c823aaa028fa.json
2024-11-22 13:37:54 -05:00

40 lines
2.0 KiB
JSON

{
"type": "bundle",
"id": "bundle--a932f28d-15c1-4c31-bc02-2a8dee308d07",
"objects": [
{
"type": "attack-pattern",
"spec_version": "2.1",
"id": "attack-pattern--504c61d2-013a-49c5-89b3-c823aaa028fa",
"created_by_ref": "identity--f1a0f560-2d9e-4c5d-bf47-7e96e805de82",
"created": "2024-11-22T16:43:58.222498Z",
"modified": "2024-11-22T16:43:58.222498Z",
"name": "Scenery Account Imagery",
"description": "Scenery or nature used in account imagery.<br><br> An influence operation might flesh out its account by uploading account imagery (e.g. a profile picture), increasing its perceived authenticity.<br><br> People sometimes legitimately use images of scenery as their profile picture, and threat actors can mimic this behaviour to avoid the risk of detection associated with stealing or AI-generating profile pictures (see T0145.001: Copy Account Imagery and T0145.002: AI-Generated Account Imagery).<br><br> This Technique is often used by Coordinated Inauthentic Behaviour accounts (CIBs). A collection of accounts displaying the same behaviour using similar account imagery can indicate the presence of CIB.",
"kill_chain_phases": [
{
"kill_chain_name": "mitre-attack",
"phase_name": "establish-assets"
}
],
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://github.com/DISARMFoundation/DISARMframeworks/blob/main/generated_pages/techniques/T0145.004.md",
"external_id": "T0145.004"
}
],
"object_marking_refs": [
"marking-definition--f79f25d2-8b96-4580-b169-eb7b613a7c31"
],
"x_mitre_is_subtechnique": true,
"x_mitre_platforms": [
"Windows",
"Linux",
"Mac"
],
"x_mitre_version": "2.1"
}
]
}