Carbanak+FIN7
|
The subtechnique was not in scope.
|
APT29
|
Step
|
ATT&CK Pattern
|
Detection Type |
Detection Note |
|
1.A.4
|
|
|
An MSSP detection occurred for the rcs.3aka3.doc process using rc4 encryption for network communication.
[1]
|
|
Minimum detection criteria was not met for this procedure.
[1]
[2]
|
|
Used RC4 stream cipher to encrypt C2 (192.168.0.5) traffic
Evidence that the network data sent over the C2 channel is encrypted
[1]
Used RC4 stream cipher to encrypt C2 (192.168.0.5) traffic
Evidence that the network data sent over the C2 channel is encrypted
[1]
[2]
APT3
|
The subtechnique was not in scope.
|