Description

Execution is a phase in the adversary's operations where the attacker's primary objective is to run malicious code on a local or remote system. This phase involves the use of techniques that result in the successful execution of adversary-controlled code. Execution often pairs with techniques from other tactics to achieve broader goals, such as exploring a network or stealing data. For instance, an adversary might use a remote access tool to run a PowerShell script that performs Remote System Discovery. Execution is a crucial step in the adversary's operations, as it allows the attacker to carry out their malicious activities and achieve their objectives. The success of the execution phase directly affects the success of the overall operation, and it is essential for the adversary to effectively execute their code to achieve their desired outcome.