Skip to content

Hide Navigation Hide TOC

Potential Homoglyph Attack Using Lookalike Characters in Filename (4f1707b1-b50b-45b4-b5a2-3978b5a5d0d6)

Detects the presence of unicode characters which are homoglyphs, or identical in appearance, to ASCII letter characters. This is used as an obfuscation and masquerading techniques. Only "perfect" homoglyphs are included; these are characters that are indistinguishable from ASCII characters and thus may make excellent candidates for homoglyph attack characters.

Cluster A Galaxy A Cluster B Galaxy B Level
Potential Homoglyph Attack Using Lookalike Characters in Filename (4f1707b1-b50b-45b4-b5a2-3978b5a5d0d6) Sigma-Rules Rename System Utilities - T1036.003 (bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b) Attack Pattern 1
Potential Homoglyph Attack Using Lookalike Characters in Filename (4f1707b1-b50b-45b4-b5a2-3978b5a5d0d6) Sigma-Rules Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern 1
Rename System Utilities - T1036.003 (bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b) Attack Pattern Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern 2