<<< Hide Navigation Hide TOC >>>
Network Connection Initiated To Mega.nz (fdeebdf0-9f3f-4d08-84a6-4c4d13e39fe4)
Detects a network connection initiated by a binary to "api.mega.co.nz". Attackers were seen abusing file sharing websites similar to "mega.nz" in order to upload/download additional payloads.
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
Network Connection Initiated To Mega.nz (fdeebdf0-9f3f-4d08-84a6-4c4d13e39fe4) | Sigma-Rules | Exfiltration to Code Repository - T1567.001 (86a96bf6-cf8b-411c-aaeb-8959944d64f7) | Attack Pattern | 1 |
Exfiltration to Code Repository - T1567.001 (86a96bf6-cf8b-411c-aaeb-8959944d64f7) | Attack Pattern | Exfiltration Over Web Service - T1567 (40597f16-0963-4249-bf4c-ac93b7fb9807) | Attack Pattern | 2 |