Home/ MITRE Matrix/ Defense Evasion/ T1036.009

T1036.009Break Process Trees

T1036.009 — Break Process Trees is a MITRE ATT&CK technique in the Defense Evasion tactic. Clankerusecase tracks 2 detection use cases covering it.

Defense Evasion

View on the matrix → Filter Detection Library MITRE official spec ↗

2Use cases

0Articles

0Sub-techniques

1Tactic

↑ Parent technique: T1036 · Masquerading

Use cases covering this technique (2)

Windows Svchost.exe Parent Process Anomaly ESCU actions · hunting P Windows Unusual SysWOW64 Process Run System32 Executable ESCU actions · hunting P