Control Panel Items (T1196)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Control Panel Items

Associated Tactics

  • Defense Evasion
  • Execution

Defense Evasion (TA0005)

The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics’ techniques are cross-listed here when those techniques include the added benefit of subverting defenses.

View on ATT&CK

Procedure Examples

Description Source(s)
M. (n.d.). Implementing Control Panel Items. Retrieved January 18, 2018. Microsoft Implementing CPL
Mercês, F. (2014, January 27). CPL Malware - Malicious Control Panel Items. Retrieved January 18, 2018. TrendMicro CPL Malware Jan 2014
Bernardino, J. (2013, December 17). Control Panel Files Used As Malicious Attachments. Retrieved January 18, 2018. TrendMicro CPL Malware Dec 2013
Grunzweig, J. and Miller-Osborn, J. (2017, November 10). New Malware with Ties to SunOrcal Discovered. Retrieved November 16, 2017. Palo Alto Reaver Nov 2017