CAPEC-442

Name

Infected Software

Likihood attacks

Medium

Typical Severity

High

Status

Stable

Published

2014-06-23
00h00 +00:00

Modified

2023-01-24
00h00 +00:00

Official links

CAPEC Mitre.org

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Notifications manage

List of Notifications

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CAPEC ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions CAPEC

An adversary adds malicious logic, often in the form of a computer virus, to otherwise benign software. This logic is often hidden from the user of the software and works behind the scenes to achieve negative impacts. Many times, the malicious logic is inserted into empty space between legitimate code, and is then called when the software is executed. This pattern of attack focuses on software already fielded and used in operation as opposed to software that is still under development and part of the supply chain.

Informations CAPEC

Prerequisites

Access to the software currently deployed at a victim location. This access is often obtained by leveraging another attack pattern to gain permissions that the adversary wouldn't normally have.

Mitigations

Leverage anti-virus products to detect and quarantine software with known virus.

Related Weaknesses

CWE-ID	Weakness Name
CWE-506	Embedded Malicious Code The product contains code that appears to be malicious in nature.

References

REF-387

How Computer Viruses Work
Marshall Brain.
http://www.mindpride.net/root/Extras/how-stuff-works/how_computer_viruses_work.htm

Submission

Name	Organization	Date	Date release
CAPEC Content Team	The MITRE Corporation	2014-06-23 +00:00

Modifications

Name	Organization	Date	Comment
CAPEC Content Team	The MITRE Corporation	2015-11-09 +00:00	Updated Description Summary, Examples-Instances, References, Related_Attack_Patterns
CAPEC Content Team	The MITRE Corporation	2018-07-31 +00:00	Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, Examples-Instances, References, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit, Typical_Severity
CAPEC Content Team	The MITRE Corporation	2019-04-04 +00:00	Updated Related_Attack_Patterns
CAPEC Content Team	The MITRE Corporation	2019-09-30 +00:00	Updated Related_Attack_Patterns
CAPEC Content Team	The MITRE Corporation	2021-06-24 +00:00	Updated Related_Attack_Patterns
CAPEC Content Team	The MITRE Corporation	2022-09-29 +00:00	Updated Taxonomy_Mappings
CAPEC Content Team	The MITRE Corporation	2023-01-24 +00:00	Updated Related_Weaknesses

CAPEC-442 Detail