GET /api/techniques/131/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 131,
"key": "kill-process",
"unprotect_id": "U0403",
"name": "Kill Process",
"description": "Malware often employs techniques to evade detection and hinder the efforts of security experts in analyzing its behavior. One notable method involves terminating processes associated with anti-virus software or monitoring tools.\r\n\r\nFor example, malware may specifically target processes like wireshark.exe, ida.exe, or procmon.exe, which are frequently used by analysts to observe and scrutinize running processes on a system. By terminating these processes, malware effectively obstruct security experts from acquiring insight into its operations and impedes their ability to analyze its inner workings.",
"resources": "https://www.bleepingcomputer.com/news/security/coinminer-comes-with-a-process-kill-list-to-keep-competitors-at-bay/",
"creation_date": "2019-03-23T18:09:35Z",
"tags": "Wireshark.exe,\r\nKill process,\r\nIda.exe,\r\nProcmon.exe,\r\nDisrupt,\r\nmonitoring",
"modification_date": "2023-10-04T10:43:58.020000Z",
"category": [
6
],
"rules": [
35,
36,
46
],
"attachments": [],
"featured_api": [
23,
24,
26,
27,
28,
425
],
"contributors": []
}
