Source Extracted File relevance 3/10 ATT&CK ID "favicon_2_.ico" has type "MS Windows icon resource - 1 icon 32x32 32 bits/pixel". "v1_1_.js" has type "ASCII text with very long lines with no line terminators". "TND829OZ.txt" has type "ASCII text"- Location:. "~DF80AEFDA42F33FDB5.TMP" has type "data"- Location:. "H0U6X04D.txt" has type "ASCII text"- Location:. "transparent_1_.gif" has type "GIF image data version 89a 1 x 1". "075WTMBL.txt" has type "ASCII text"- Location:. "RecoveryStore._88B090C0-D917-11E7-B67B-080027A49DD6_.dat" has type "Composite Document File V2 Document Cannot read section info". "XF26BC3T.txt" has type "ASCII text"- Location:. "_AB87A62D-C23B-11ED-A79F-080027A685DF_.dat" has type "Composite Document File V2 Document Cannot read section info". "0XLZWA0U.txt" has type "ASCII text"- Location:. "HNCGQL4D.txt" has type "ASCII text"- Location:. "_B360535B-C23B-11ED-A79F-080027A685DF_.dat" has type "Composite Document File V2 Document Cannot read section info". "2UEWLAPA.txt" has type "ASCII text"- Location:. Adversaries may target user email to collect sensitive information.įound a potential E-Mail address in binary/memoryĪdversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic.Īdversaries may communicate using the Domain Name System (DNS) application layer protocol to avoid detection/network filtering by blending in with existing traffic.Īdversaries may transfer tools or other files from an external system into a compromised environment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |