| No | Risk IDs | Features | Related sources |
| 1 | I12, A | {CreateFileSF} | “c:\windows\...\sfile1.exe” | 2 | I12, A | {WriteFileSF } | “c:\windows\...\sfile1.exe” | 3 | I12, I12, A, P | {WriteFileSF, ReadFileSF} | “c:\windows\...\sfile1.exe” “c:\windows\...\sfile1.exe” | 4 | I12, I22, P, A | {ReadFileSF, WriteFileTP} | “c:\windows\...\sfile1.exe” “c:\programfiles\...\tfile2.exe” | 5 | I22, P | {SearchDirectoryTP} | “c:\programfiles\...\” | 6 | I22, I22, P, P | {SearchDirectoryTP, ReadFileTP} | “c:\programfiles\...\” “c:\programfiles\...\tfile1.txt” | 7 | I21, I22, P, P | {SearchDirectoryTP, ReadFileTP} | “c:\programfiles\...\” “c:\programfiles\...\tfile2.exe” | 8 | I22, I22, A, A | {WriteFileTP, SetValueTP} | “c:\programFiles\...\tfile2.exe” “hklm\Software\...\...\key1” | 9 | I31, P | {ReadFileST} | “c:\windows\...\stfile1.dll” “c:\windows\...\stfile2.dll” |
|
|