Skip to content

Hide Navigation Hide TOC

Suspicious LDAP-Attributes Used (d00a9a72-2c09-4459-ad03-5e0a23351e36)

Detects the usage of particular AttributeLDAPDisplayNames, which are known for data exchange via LDAP by the tool LDAPFragger and are additionally not commonly used in companies.

Cluster A Galaxy A Cluster B Galaxy B Level
Suspicious LDAP-Attributes Used (d00a9a72-2c09-4459-ad03-5e0a23351e36) Sigma-Rules Protocol Impersonation - T1001.003 (c325b232-d5bc-4dde-a3ec-71f3db9e8adc) Attack Pattern 1
Data Obfuscation - T1001 (ad255bfe-a9e6-4b52-a258-8d3462abe842) Attack Pattern Protocol Impersonation - T1001.003 (c325b232-d5bc-4dde-a3ec-71f3db9e8adc) Attack Pattern 2