ATT&CK 기법 · Stealth
Deobfuscate/Decode Files or Information T1140
이 기법을 다룬 REVELARE 한국어 위협 분석 1편 · Stealth
이 기법을 다룬 분석
MITRE 공식 정의
Adversaries may use [Obfuscated Files or Information](https://attack.mitre.org/techniques/T1027) to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system. One such example is the use of [certutil](https://attack.mitre.org/software/S0160) to decode a remote ac…
플랫폼: ESXi, Linux, macOS, Windows