Web Session Cookie (T1506)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Web Session Cookie

Associated Tactics

  • Defense Evasion
  • Lateral Movement

Defense Evasion (TA0005)

The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics’ techniques are cross-listed here when those techniques include the added benefit of subverting defenses.

View on ATT&CK

Procedure Examples

Description Source(s)
Rehberger, J. (2018, December). Pivot to the Cloud using Pass the Cookie. Retrieved April 5, 2019. Pass The Cookie
Chen, Y., Hu, W., Xu, Z., et. al. (2019, January 31). Mac Malware Steals Cryptocurrency Exchanges’ Cookies. Retrieved October 14, 2019. Unit 42 Mac Crypto Cookies January 2019