ID: E1010
Objective(s): Discovery
Related ATT&CK Techniques: Application Window Discovery (T1010)
Version: 2.0
Created: 4 December 2020
Last Modified: 13 September 2023

Application Window Discovery
Malware may attempt to get a listing of open application windows.

| Name | ID | Description |
|---|---|---|
| Window Text | E1010.m01 | After finding an open application window, malware gets graphical window text. |


| Name | Date | Method | Description |
|---|---|---|---|
| Dark Comet | 2008 | E1010.m01 | DarkComet gets graphical window texts. [1] |
| Gamut | 2014 | E1010.m01 | Gamut gets graphical window texts. [1] |
| Hupigon | 2013 | E1010.m01 | Hupigon gets graphical window texts. [1] |
| Kovter | 2016 | E1010.m01 | Kovter gets graphical window texts. [1] |
| Rombertik | 2015 | E1010.m01 | Rombertik gets graphical window texts. [1] |
| UP007 | 2016 | E1010.m01 | UP007 gets graphical window text. [1] |


| Tool: capa | Mapping | APIs |
|---|---|---|
| get graphical window text | Application Window Discovery (E1010) | user32.IsWindowVisible, user32.SendMessage, user32.GetForegroundWindow, user32.GetWindowText |

[1] capa v4.0, analyzed at MITRE on 10/12/2022