DET0689 Detection of System Runtime API Hijacking
| Item | Value |
|---|---|
| ID | DET0689 |
| Version | 1.0 |
| Created | 21 October 2025 |
| Last Modified | 21 October 2025 |
Technique Detected: T1625.001 (System Runtime API Hijacking)
Analytics
Android
AN1800
Mobile threat defense agents could detect unauthorized operating system modifications by using attestation.
Log Sources
| Data Component | Name | Channel |
|---|---|---|
| Host Status (DC0018) | Sensor Health | None |
Mutable Elements
| Field | Description |
|---|---|