Forensic analysis of MITRE ATT&CK Techniques 2 - Execution
In the previous blog post, Forensic analysis of MITRE ATT&CK Techniques - PART 1, the adversary's first phase was explained. In that phase the adversary achieved his goal by obtaining and abusing the credentials of an existing local account to gain initial access to the system. Looking at the MITRE ATT&CK framework, the next goal of the adversary is to run malicious code on the system.