Skip to content

Hide Navigation Hide TOC

PowerShell ICMP Exfiltration (4c4af3cd-2115-479c-8193-6b8bfce9001c)

Detects Exfiltration Over Alternative Protocol - ICMP. Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.

Cluster A Galaxy A Cluster B Galaxy B Level
Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern PowerShell ICMP Exfiltration (4c4af3cd-2115-479c-8193-6b8bfce9001c) Sigma-Rules 1
Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern Exfiltration Over Alternative Protocol - T1048 (a19e86f8-1c0a-4fea-8407-23b73d615776) Attack Pattern 2