Archive via Custom Method - T1560.003 (143c0cbb-a297-4142-9624-87ffc778980b)
An adversary may compress or encrypt data that is collected prior to exfiltration using a custom method. Adversaries may choose to use custom archival methods, such as encryption with XOR or stream ciphers implemented with no external library or utility references. Custom implementations of well-known compression algorithms have also been used.(Citation: ESET Sednit Part 2)
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Archive via Custom Method - T1560.003 (143c0cbb-a297-4142-9624-87ffc778980b) | Attack Pattern | Archive Collected Data - T1560 (53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a) | Attack Pattern | 1 |