Suspicious SSL Connection (195626f3-5f1b-4403-93b7-e6cfd4d6a078)
Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Encrypted Channel - T1573 (b8902400-e6c5-4ba2-95aa-2d35b442b118) | Attack Pattern | Suspicious SSL Connection (195626f3-5f1b-4403-93b7-e6cfd4d6a078) | Sigma-Rules | 1 |