Curl Download And Execute Combination (21dd6d38-2b18-4453-9404-a0fe4a0cc288)

Adversaries can use curl to download payloads remotely and execute them. Curl is included by default in Windows 10 build 17063 and later.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) | Attack Pattern | Curl Download And Execute Combination (21dd6d38-2b18-4453-9404-a0fe4a0cc288) | Sigma-Rules | 1 |
| Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) | Attack Pattern | Curl Download And Execute Combination (21dd6d38-2b18-4453-9404-a0fe4a0cc288) | Sigma-Rules | 1 |