Exploit.T1106Execution is Malwarebytes’ detection name for attempts at the malicious usage of native OS API.
Exploit.T1106Execution monitors, detects, and blocks the malicious usage of native OS API. T1106 is a reference to the Mitre Att&ck technique Native API: Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes. Adversaries may abuse these OS API functions as a means of executing behaviors.
Malwarebytes protects your system(s) by detecting attempts at the malicious usage of native OS API and displays the message T1106 – Execution