SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
Tasklist
The Tasklist utility displays a list of applications and services with their Process IDs (PID) for all tasks running on either a local or a remote computer. It is packaged with Windows operating systems and can be executed from the command-line interface. [1]
ID: S0057
Type: TOOL
Platforms: Windows
Version: 1.0
Created: 31 May 2017
Last Modified: 17 October 2018
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1057 | Process Discovery |
Tasklist can be used to discover processes running on a system.[1] |
|
Enterprise | T1518 | .001 | Software Discovery: Security Software Discovery |
Tasklist can be used to enumerate security software currently running on a system by process name of known products.[1] |
Enterprise | T1007 | System Service Discovery |
Tasklist can be used to discover services running on a system.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0049 | OilRig | |
G0004 | Ke3chang | |
G0009 | Deep Panda | |
G0006 | APT1 | |
G0010 | Turla | |
G0072 | Honeybee | |
G0019 | Naikon |
References
- Microsoft. (n.d.). Tasklist. Retrieved December 23, 2015.
- Falcone, R. and Lee, B.. (2016, May 26). The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor. Retrieved May 3, 2017.
- Sardiwal, M, et al. (2017, December 7). New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit. Retrieved December 20, 2017.
- Smallridge, R. (2018, March 10). APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS. Retrieved April 4, 2018.
- Alperovitch, D. (2014, July 7). Deep in Thought: Chinese Targeting of National Security Think Tanks. Retrieved November 12, 2014.
- Mandiant. (n.d.). APT1 Exposing One of China’s Cyber Espionage Units. Retrieved July 18, 2016.
- Kaspersky Lab's Global Research and Analysis Team. (2014, August 7). The Epic Turla Operation: Solving some of the mysteries of Snake/Uroburos. Retrieved December 11, 2014.
- Sherstobitoff, R. (2018, March 02). McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups. Retrieved May 16, 2018.
- Baumgartner, K., Golovkin, M.. (2015, May). The MsnMM Campaigns: The Earliest Naikon APT Campaigns. Retrieved April 10, 2019.
×