technique
https://attack.mitre.org/techniques/T1025
technique
http://www.thesafemac.com/new-signed-malware-called-janicab/
Thomas. (2013, July 15). New signed malware called Janicab. Retrieved July 17, 2017.
technique
https://securelist.com/why-you-shouldnt-completely-trust-files-signed-with-digital-certificates/6859
Ladikov, A. (2015, January 29). Why You Shouldn’t Completely Trust Files Signed with Digital Certificates. Retrieved March 31, 2016.
technique
http://www.symantec.com/connect/blogs/how-attackers-steal-private-keys-digital-certificates
Shinotsuka, H. (2013, February 22). How Attackers Steal Private Keys from Digital Certificates. Retrieved March 31, 2016.
technique
https://en.wikipedia.org/wiki/Code_signing
Wikipedia. (2015, November 10). Code Signing. Retrieved March 31, 2016.
technique
https://attack.mitre.org/techniques/T1116
technique
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
AWS. (n.d.). Instance Metadata and User Data. Retrieved July 18, 2019.
technique
https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Higashi, Michael. (2018, May 15). Instance Metadata API: A Modern Day Trojan Horse. Retrieved July 16, 2019.
technique
https://attack.mitre.org/techniques/T1522
technique
https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common
Hosseini, A. (2017, July 18). Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques. Retrieved December 7, 2017.