mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2024-12-19 04:44:19 -05:00
40 lines
2.0 KiB
JSON
40 lines
2.0 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--e1b8ccd4-988a-497c-a9c6-80f3cef8b999",
|
|
"objects": [
|
|
{
|
|
"type": "attack-pattern",
|
|
"spec_version": "2.1",
|
|
"id": "attack-pattern--15cba133-fa27-4632-9996-22b74751749a",
|
|
"created_by_ref": "identity--f1a0f560-2d9e-4c5d-bf47-7e96e805de82",
|
|
"created": "2024-08-02T17:12:32.433235Z",
|
|
"modified": "2024-08-02T17:12:32.433235Z",
|
|
"name": "Scenery Account Imagery",
|
|
"description": "Scenery or nature used in account imagery.<br><br> An influence operation might flesh out its account by uploading account imagery (e.g. a profile picture), increasing its perceived authenticity.<br><br> People sometimes legitimately use images of scenery as their profile picture, and threat actors can mimic this behaviour to avoid the risk of detection associated with stealing or AI-generating profile pictures (see T0145.001: Copy Account Imagery and T0145.002: AI-Generated Account Imagery).<br><br> This Technique is often used by Coordinated Inauthentic Behaviour accounts (CIBs). A collection of accounts displaying the same behaviour using similar account imagery can indicate the presence of CIB.",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "mitre-attack",
|
|
"phase_name": "establish-assets"
|
|
}
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"url": "https://github.com/DISARMFoundation/DISARMframeworks/blob/main/generated_pages/techniques/T0145.004.md",
|
|
"external_id": "T0145.004"
|
|
}
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--f79f25d2-8b96-4580-b169-eb7b613a7c31"
|
|
],
|
|
"x_mitre_is_subtechnique": true,
|
|
"x_mitre_platforms": [
|
|
"Windows",
|
|
"Linux",
|
|
"Mac"
|
|
],
|
|
"x_mitre_version": "2.1"
|
|
}
|
|
]
|
|
}
|