| ID | B0037 |
| Objective(s) | Defense Evasion |
| Related ATT&CK Techniques | None |
| Version | 2.0 |
| Created | 14 August 2020 |
| Last Modified | 21 November 2022 |
Malware may bypass Data Execution Prevention (DEP).
| Name | ID | Description |
|---|---|---|
| ROP Chains | B0037.001 | Return-Oriented Programming can be used to bypass DEP. It can also be used to bypass code signing. [1] |
[1] https://medium.com/cybersecurityservices/dep-bypass-using-rop-chains-garima-chopra-e8b3361e50ce
[2] https://www.cybereason.com/blog/research/dropping-anchor-from-a-trickbot-infection-to-the-discovery-of-the-anchor-malware