Hide Navigation Hide TOC Suspicious DNS Query with B64 Encoded String (4153a907-2451-4e4f-a578-c52bb6881432) Detects suspicious DNS queries using base64 encoding Cluster A Galaxy A Cluster B Galaxy B Level DNS - T1071.004 (1996eef1-ced3-4d7f-bf94-33298cabbf72) Attack Pattern Suspicious DNS Query with B64 Encoded String (4153a907-2451-4e4f-a578-c52bb6881432) Sigma-Rules 1 Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern Suspicious DNS Query with B64 Encoded String (4153a907-2451-4e4f-a578-c52bb6881432) Sigma-Rules 1 Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6) Attack Pattern DNS - T1071.004 (1996eef1-ced3-4d7f-bf94-33298cabbf72) Attack Pattern 2 Exfiltration Over Alternative Protocol - T1048 (a19e86f8-1c0a-4fea-8407-23b73d615776) Attack Pattern Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern 2