🇺🇦
Head Mare
APT Group
3 zero-day CVEs
Also Known As
No alias recorded
Target Countries
No target country recorded
Sectors Targeted
No targeted sector recorded
Details
Origin
🇺🇦 UA
Last Updated
06 Jan 2026
MITRE ATT&CK 47
T1005 - Data from Local System
T1016 - System Network Configuration Discovery
T1020
T1021
T1027 - Obfuscated Files or Information
T1033 - System Owner/User Discovery
T1036 - Masquerading
T1036.006 - Space after Filename
T1039
T1041 - Exfiltration Over C2 Channel
T1047 - Windows Management Instrumentation
T1053 - Scheduled Task/Job
T1053.005 - Scheduled Task
T1055 - Process Injection
T1056 - Input Capture
T1059 - Command and Scripting Interpreter
T1059.001 - PowerShell
T1068
T1071
T1071.001 - Web Protocols
T1078
T1082 - System Information Discovery
T1083
T1090.003 - Multi-hop Proxy
T1095 - Non-Application Layer Protocol
T1105 - Ingress Tool Transfer
T1134 - Access Token Manipulation
T1140 - Deobfuscate/Decode Files or Information
T1176 - Browser Extensions
T1187 - Forced Authentication
T1189 - Drive-by Compromise
T1199
T1204 - User Execution
T1204.001 - Malicious Link
T1204.002 - Malicious File
T1213
T1218 - Signed Binary Proxy Execution
T1218.011 - Rundll32
T1482 - Domain Trust Discovery
T1505 - Server Software Component
T1537 - Transfer Data to Cloud Account
T1547
T1557 - Man-in-the-Middle
T1566 - Phishing
T1566.001 - Spearphishing Attachment
T1570
T1572 - Protocol Tunneling