Related blog content
Anti-exploit settings in Malwarebytes Nebula
Exploit.T1106Execution is Malwarebytes' detection name for attempts at the malicious usage of native OS API.
Exploit.T1106Execution monitors, detects, and blocks the malicious usage of native OS API. T1106 is a reference to the Mitre Att&ck technique Native API: Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes. Adversaries may abuse these OS API functions as a means of executing behaviors.
Select your language