Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd)

Analyzing failed connections in a network to detect unauthorized activity.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Windows Management Instrumentation Event Subscription - T1546.003 (910906dd-8c0a-475a-9cc1-5e029e2fad58) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| LLMNR/NBT-NS Poisoning and SMB Relay - T1557.001 (650c784b-7504-4df7-ab2c-4ea882384d1e) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Accessibility Features - T1546.008 (70e52b04-2a0c-4cea-9d18-7149f1df9dc5) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Credential Stuffing - T1110.004 (b2d03cea-aec1-45ca-9744-9ee583c1e1cc) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Remote Services - T1021 (54a649ff-439a-41a4-9856-8d144a2551ba) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| BITS Jobs - T1197 (c8e87b83-edbb-48d4-9295-4974897525b7) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| DCSync - T1003.006 (f303a39a-6255-4b89-aecc-18c4d8ca7163) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Internal Proxy - T1090.001 (f6dacc85-b37d-458e-b58d-74fc4bbf5755) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Lateral Tool Transfer - T1570 (bf90d72c-c00b-45e3-b3aa-68560560d4c5) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Rogue Domain Controller - T1207 (564998d8-ab3e-4123-93fb-eccaa6b9714a) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Exploitation of Remote Services - T1210 (9db0cf3a-a3c9-4012-8268-123b9db6fd82) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Windows Management Instrumentation - T1047 (01a5a209-b94c-450b-b7f9-946497d91055) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Trusted Relationship - T1199 (9fa07bef-9c81-421e-a8e5-ad4366c5a925) | Attack Pattern | Connection Attempt Analysis (10d2827d-2b3c-5afe-9aed-be770f276bcd) | MITRE D3FEND | 1 |
| Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) | Attack Pattern | Windows Management Instrumentation Event Subscription - T1546.003 (910906dd-8c0a-475a-9cc1-5e029e2fad58) | Attack Pattern | 2 |
| LLMNR/NBT-NS Poisoning and SMB Relay - T1557.001 (650c784b-7504-4df7-ab2c-4ea882384d1e) | Attack Pattern | Adversary-in-the-Middle - T1557 (035bb001-ab69-4a0b-9f6c-2de8b09e1b9d) | Attack Pattern | 2 |
| Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) | Attack Pattern | Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) | Attack Pattern | 2 |
| Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) | Attack Pattern | Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) | Attack Pattern | 2 |
| Accessibility Features - T1546.008 (70e52b04-2a0c-4cea-9d18-7149f1df9dc5) | Attack Pattern | Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) | Attack Pattern | 2 |
| Credential Stuffing - T1110.004 (b2d03cea-aec1-45ca-9744-9ee583c1e1cc) | Attack Pattern | Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) | Attack Pattern | 2 |
| DCSync - T1003.006 (f303a39a-6255-4b89-aecc-18c4d8ca7163) | Attack Pattern | OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) | Attack Pattern | 2 |
| Proxy - T1090 (731f4f55-b6d0-41d1-a7a9-072a66389aea) | Attack Pattern | Internal Proxy - T1090.001 (f6dacc85-b37d-458e-b58d-74fc4bbf5755) | Attack Pattern | 2 |