Kernel

A computer program, at the core of a computer OS, that resides in memory and facilitates interactions between hardware and software components[1][2]

ID: DS0008
Platforms: Linux, macOS
Collection Layer: Host
Contributors: Center for Threat-Informed Defense (CTID)
Version: 1.0
Created: 20 October 2021
Last Modified: 10 November 2021

Data Components

Kernel: Kernel Module Load

An object file that contains code to extend the running kernel of an OS, typically used to add support for new hardware (as device drivers) and/or filesystems, or for adding system calls

Kernel: Kernel Module Load

An object file that contains code to extend the running kernel of an OS, typically used to add support for new hardware (as device drivers) and/or filesystems, or for adding system calls

Domain ID Name
Enterprise T1547 Boot or Logon Autostart Execution
.006 Kernel Modules and Extensions

References