Power Settings (T1653)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Power Settings

Associated Tactics

  • Persistence

Persistence (TA0003)

The adversary is trying to maintain their foothold. Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code.

View on ATT&CK

Procedure Examples

Description Source(s)
AVG. (n.d.). Should You Shut Down, Sleep or Hibernate Your PC or Mac Laptop?. Retrieved June 8, 2023. Sleep, shut down, hibernate
Avira. (2019, November 28). CoinLoader: A Sophisticated Malware Loader Campaign. Retrieved June 5, 2023. CoinLoader: A Sophisticated Malware Loader Campaign
Bethany Hardin, Lavine Oluoch, Tatiana Vollbrecht. (2022, November 14). BATLOADER: The Evasive Downloader Malware. Retrieved June 5, 2023. BATLOADER: The Evasive Downloader Malware
Douglas Bonderud. (2018, September 17). Two New Monero Malware Attacks Target Windows and Android Users. Retrieved June 5, 2023. Two New Monero Malware Attacks Target Windows and Android Users
Joie Salvio and Roy Tay. (2023, June 20). Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389. Retrieved September 5, 2023. Condi-Botnet-binaries
Man7. (n.d.). systemd-sleep.conf(5) — Linux manual page. Retrieved June 7, 2023. systemdsleep Linux
Microsoft. (2021, December 15). Powercfg command-line options. Retrieved June 5, 2023. Microsoft: Powercfg command-line options