Exploit.T1106Execution

detection icon

Short bio

Exploit.T1106Execution is Malwarebytes’ detection name for attempts at the malicious usage of native OS API.

Technique

Exploit.T1106Execution monitors, detects, and blocks the malicious usage of native OS API. T1106 is a reference to the Mitre Att&ck technique Native API: Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes. Adversaries may abuse these OS API functions as a means of executing behaviors.

Protection

Malwarebytes protects your system(s) by detecting attempts at the malicious usage of native OS API and displays the message T1106 – Execution

list of Exploit detections in Nebula
detection icon

Related blog content

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams