← Back to Explore
T1221
Template Injection
Adversaries may create or modify references in user document templates to conceal malicious code or force authentication attempts. For example, Microsoft’s Office Open XML (OOXML) specification defines an XML-based format for Office documents (.docx, xlsx, .pptx) to replace older binary formats (.doc, .xls, .ppt). OOXML files are packed together ZIP archives compromised of various XML files, referred to as parts, containing properties that collectively define how a document is rendered.(Citation...
Windows
1
Detections
1
Sources
7
Threat Actors
BY SOURCE
1sigma
PROCEDURES (1)
Script Execution Monitoring1 detections
Auto-extracted: 1 detections for script execution monitoring