Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1560 | .001 | Archive Collected Data: Archive via Utility |
CORALDECK has created password-protected RAR, WinImage, and zip archives to be exfiltrated.[1] |
Enterprise | T1048 | .003 | Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted Non-C2 Protocol | |
Enterprise | T1083 | File and Directory Discovery |
ID | Name | References |
---|---|---|
G0067 | APT37 |