Skip to content

Hide Navigation Hide TOC

Powershell Exfiltration Over SMTP (9a7afa56-4762-43eb-807d-c3dc9ffe211b)

Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel. The data may also be sent to an alternate network location from the main command and control server.

Cluster A Galaxy A Cluster B Galaxy B Level
Powershell Exfiltration Over SMTP (9a7afa56-4762-43eb-807d-c3dc9ffe211b) Sigma-Rules Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern 1
Exfiltration Over Unencrypted Non-C2 Protocol - T1048.003 (fb8d023d-45be-47e9-bc51-f56bcae6435b) Attack Pattern Exfiltration Over Alternative Protocol - T1048 (a19e86f8-1c0a-4fea-8407-23b73d615776) Attack Pattern 2