Automated Exfiltration | Technique Detail

Description

Adversaries may exfiltrate data, such as sensitive documents, through the use of automated processing after being gathered during Collection.(Citation: ESET Gamaredon June 2020) When automated exfiltration is used, other exfiltration techniques likely apply as well to transfer the information out of the network, such as [Exfiltration Over C2 Channel](https://attack.mitre.org/techniques/T1041) and [Exfiltration Over Alternative Protocol](https://attack.mitre.org/techniques/T1048).

Threat-Mapped Scoring

Threat Score: 0.0

Industry:

Threat Priority: Unclassified

ATT&CK Kill Chain Metadata

Tactics: exfiltration
Platforms: Linux, macOS, Windows, Network Devices
Detection Guidance:
Monitor process file access patterns and network behavior. Unrecognized processes or scripts that appear to be traversing file systems and sending network traffic may be suspicious.

Malware

Attor
CosmicDuke
Crutch
Doki
Ebury
Hannotog
LightNeuron
Machete
OutSteel
Peppy
Raccoon Stealer
Rover
Solar
StrelaStealer
StrongPity
TINYTYPHON
TajMahal
USBStealer

Tools

Empire
ShimRatReporter

APTs (Intrusion Sets)

Gamaredon Group
Ke3chang
RedCurl
Sidewinder
Tropic Trooper
Winter Vivern

← Back to Home ← Back to TTP Search