{
"type": "bundle",
"id": "bundle--6b1b8127-400d-45f9-85f4-946706fab667",
"spec_version": "2.0",
"objects": [
{
"x_mitre_platforms": [
"Android",
"iOS"
],
"x_mitre_domains": [
"mobile-attack"
],
"object_marking_refs": [
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
],
"type": "attack-pattern",
"id": "attack-pattern--32063d7f-0a39-440d-a4a3-2694488f96cc",
"created": "2022-04-01T15:43:45.913Z",
"x_mitre_version": "1.0",
"external_references": [
{
"source_name": "mitre-attack",
"external_id": "T1646",
"url": "https://attack.mitre.org/techniques/T1646"
},
{
"url": "https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-29.html",
"source_name": "NIST Mobile Threat Catalogue",
"external_id": "APP-29"
}
],
"x_mitre_deprecated": false,
"revoked": false,
"description": "Adversaries may steal data by exfiltrating it over an existing command and control channel. Stolen data is encoded into the normal communications channel using the same protocol as command and control communications.",
"modified": "2022-04-08T16:25:44.552Z",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"name": "Exfiltration Over C2 Channel",
"x_mitre_detection": "Exfiltration over a C2 channel can be difficult to detect, and therefore enterprises may be better served by focusing on detection at other stages of adversarial behavior.",
"kill_chain_phases": [
{
"phase_name": "exfiltration",
"kill_chain_name": "mitre-mobile-attack"
}
],
"x_mitre_is_subtechnique": false,
"x_mitre_tactic_type": [
"Post-Adversary Device Access"
],
"x_mitre_attack_spec_version": "2.1.0",
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
}
]
}