Technique T1053

Scheduled Task/Job

Threats leveraging Scheduled Task/Job remain highly prevalent across our customer base, despite the technique dropping from fourth to seventh in 2022. The decrease in detection volume is due almost entirely to a corresponding decrease in Blue Mockingbird activity.

#7

Technique rank

14.7%

Organizations affected

1216

Confirmed threats

Prevalent Sub-techniques

T1053.005

Scheduled Task

#4

Sub-technique rank

12.2%

organizations affected

1,147

confirmed threats

Leveraging the primary task-scheduling component of Windows, this technique allows adversarial persistence and execution behaviors to blend in with routine activity emanating from native tools and third-party software.

Process Injection

Scheduled Task

Technique T1053

Scheduled Task/Job

#7

Technique rank

14.7%

Organizations affected

1216

Confirmed threats

Prevalent Sub-techniques

T1053.005

Scheduled Task

Scheduled Task

#4

Sub-technique rank

12.2%

organizations affected

1,147

confirmed threats

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.