Standard Cryptographic Protocol - T1032 (4b74a1d4-b0e9-4ef1-93f1-14ecc6e2f5b5)
Adversaries may explicitly employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if the necessary secret keys are encoded and/or generated within malware samples or configuration files.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Standard Cryptographic Protocol - T1032 (4b74a1d4-b0e9-4ef1-93f1-14ecc6e2f5b5) | Attack Pattern | Encrypted Channel - T1573 (b8902400-e6c5-4ba2-95aa-2d35b442b118) | Attack Pattern | 1 |