Suspicious Non-Browser Network Communication With Google API (7e9cf7b6-e827-11ed-a05b-0242ac120003)
Detects a non-browser process interacting with the Google API which could indicate the use of a covert C2 such as Google Sheet C2 (GC2-sheet)
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Web Service - T1102 (830c9528-df21-472c-8c14-a036bf17d665) | Attack Pattern | Suspicious Non-Browser Network Communication With Google API (7e9cf7b6-e827-11ed-a05b-0242ac120003) | Sigma-Rules | 1 |