Match Legitimate Name or Location

Cybrary
Course
COMING SOON

Once an adversary is in your environment, they will try to evade your defenses. Renaming their code to look like a legitimate executable is a solid plan. How can you tell if that AcroRD32.exe file is malicious or benign? How can you stop this from happening in the first place? Get hands-on answering these questions today.

Difficulty
Intermediate
CEU/CPE
2

Course Description

After an adversary takes the time to gain access to an environment, they aren’t likely to give up their position by being completely obvious. Adversaries need to evade detection in order to have the time to find the information they’re really after. One technique for accomplishing this is hiding in plain sight. Adversaries may name their malicious payloads similarly to system files or commonly installed programs. They’ll even make sure to store these files in similar directories, all in service of avoiding detection.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses, aligned to the tactics and techniques used by the financially motivated threat group FIN7. Prevent adversaries from accomplishing the tactic of Defense Evasion in your environment now.

Provider
Cybrary
Certificate of Completion

Complete this entire course to earn a Match Legitimate Name or Location Certificate of Completion.