Suspicious Non-Browser Network Communication With Telegram API (c3dbbc9f-ef1d-470a-a90a-d343448d5875)
Detects an a non-browser process interacting with the Telegram API which could indicate use of a covert C2
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Web Service - T1102 (830c9528-df21-472c-8c14-a036bf17d665) | Attack Pattern | Suspicious Non-Browser Network Communication With Telegram API (c3dbbc9f-ef1d-470a-a90a-d343448d5875) | Sigma-Rules | 1 |