{
    "type": "bundle",
    "id": "bundle--2f5bf0b7-e8b8-4657-8eac-a98e7d79a2d8",
    "spec_version": "2.0",
    "objects": [
        {
            "type": "relationship",
            "id": "relationship--0b7f643e-8975-4998-acbb-7405fa944a68",
            "created": "2022-05-11T16:22:58.806Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "revoked": false,
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "modified": "2022-10-14T16:54:38.303Z",
            "description": "Monitor executed commands and arguments that may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Also monitor executed commands and arguments that may attempt to get a listing of network connections to or from the compromised system they are currently accessing or from remote systems by querying for information over the network. Information may also be acquired through Windows system management tools such as [Windows Management Instrumentation](https://attack.mitre.org/techniques/T1047) and [PowerShell](https://attack.mitre.org/techniques/T1059/001).",
            "relationship_type": "detects",
            "source_ref": "x-mitre-data-component--685f917a-e95e-4ba0-ade1-c7d354dae6e0",
            "target_ref": "attack-pattern--ea0c980c-5cf0-43a7-a049-59c4c207566e",
            "x_mitre_deprecated": false,
            "x_mitre_version": "1.0",
            "x_mitre_attack_spec_version": "2.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}