References

Type
Url
Description

technique

https://attack.mitre.org/techniques/T1025


technique

http://www.thesafemac.com/new-signed-malware-called-janicab/

Thomas. (2013, July 15). New signed malware called Janicab. Retrieved July 17, 2017.


technique

https://securelist.com/why-you-shouldnt-completely-trust-files-signed-with-digital-certificates/6859

Ladikov, A. (2015, January 29). Why You Shouldn’t Completely Trust Files Signed with Digital Certificates. Retrieved March 31, 2016.


technique

http://www.symantec.com/connect/blogs/how-attackers-steal-private-keys-digital-certificates

Shinotsuka, H. (2013, February 22). How Attackers Steal Private Keys from Digital Certificates. Retrieved March 31, 2016.


technique

https://en.wikipedia.org/wiki/Code_signing

Wikipedia. (2015, November 10). Code Signing. Retrieved March 31, 2016.


technique

https://attack.mitre.org/techniques/T1116


technique

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

AWS. (n.d.). Instance Metadata and User Data. Retrieved July 18, 2019.


technique

https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Higashi, Michael. (2018, May 15). Instance Metadata API: A Modern Day Trojan Horse. Retrieved July 16, 2019.


technique

https://attack.mitre.org/techniques/T1522


technique

https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common

Hosseini, A. (2017, July 18). Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques. Retrieved December 7, 2017.