Skip to content

Hide Navigation Hide TOC

Exfiltration Over Physical Medium (36e0e8c0-ed8c-42b5-8bbf-b7cb322bc26f)

Adversaries may attempt to exfiltrate data via a physical medium, such as a removable drive. In certain circumstances, such as an air-gapped network compromise, exfiltration could occur via a physical medium or device introduced by a user. Such media could be an external hard drive, USB drive, cellular phone, MP3 player, or other removable storage and processing device. The physical medium or device could be used as the final exfiltration point or to hop between otherwise disconnected systems.

Cluster A Galaxy A Cluster B Galaxy B Level
Exfiltration Over Physical Medium (36e0e8c0-ed8c-42b5-8bbf-b7cb322bc26f) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 1
Data Transfer Size Limits (dc98c882-8fba-4a10-bc6f-43088edb87af) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Automated Exfiltration (26abc19f-5968-45f1-aa1f-f35863a2f804) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (38cfe608-a7e3-4e4f-9e2d-6a6ab14946f9) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (848e3552-e89d-4981-a5a5-eaf610e6eb37) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (c2fc2776-e674-46ff-8b8d-ecc90b8b1c26) Unknown 2
Transfer Data to Cloud Account (ab4f22d6-465f-4a16-8a40-693f2234c4ac) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (c4a8902a-bb87-4be2-bbaf-c40c9ebcbae1) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (b27b273b-77e7-4243-8b48-a735857c0708) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (f424dade-21f3-4269-9940-ce64d93b97c4) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (ce886c55-17ab-4c1c-90dc-3aa93e69bdb4) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (27041aa4-13e7-4d84-b1c7-02047beb5534) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (4c34fe8b-ea13-55f9-9a2f-5948e2a2ecca) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (8b6743e7-e856-5772-8b38-2c002602b365) Unknown 2
Scheduled Transfer (ea0557cd-94bc-48cf-9c3b-293c40986464) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration Over Alternative Protocol (192d25ea-bae1-48e4-88de-e0acd481ab88) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration Over C2 Channel (89203cae-d3f1-4eef-9b5a-29042eb05d19) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration Over Other Network Medium (d8541e2d-6bdd-4ec0-95c4-c0f657502d5f) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2
Exfiltration Over Web Service (66768217-acdd-4b52-902f-e29483630ad6) Tidal Technique Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic 2