Skip to content

Hide Navigation Hide TOC

Powershell Local Email Collection (2837e152-93c8-43d2-85ba-c3cd3c2ae614)

Adversaries may target user email on local systems to collect sensitive information. Files containing email data can be acquired from a users local system, such as Outlook storage or cache files.

Cluster A Galaxy A Cluster B Galaxy B Level
Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern Powershell Local Email Collection (2837e152-93c8-43d2-85ba-c3cd3c2ae614) Sigma-Rules 1
Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 2