Suspicious DNS Query for IP Lookup Service APIs (ec82e2a5-81ea-4211-a1f8-37a0286df2c2)
Detects DNS queries for IP lookup services such as "api.ipify.org" originating from a non-browser process.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Suspicious DNS Query for IP Lookup Service APIs (ec82e2a5-81ea-4211-a1f8-37a0286df2c2) | Sigma-Rules | Gather Victim Network Information - T1590 (9d48cab2-7929-4812-ad22-f536665f0109) | Attack Pattern | 1 |