PUA - Netcat Suspicious Execution (e31033fc-33f0-4020-9a16-faf9b31cbf08)
Detects execution of Netcat. Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| PUA - Netcat Suspicious Execution (e31033fc-33f0-4020-9a16-faf9b31cbf08) | Sigma-Rules | Non-Application Layer Protocol - T1095 (c21d5a77-d422-4a69-acd7-2c53c1faa34b) | Attack Pattern | 1 |