Application Layer Protocol: Web Protocols (T1071.001)

See subtechnique results for:

- Carbanak+FIN7 steps: 1.A.10, 8.A.2, 14.A.6, 16.A.8, 17.A.5, 20.A.3
- APT29 steps: 3.B.4, 11.A.14
- APT3 steps: 6.B.1.2, 11.B.1.2, 14.A.1.3

Procedure
Cobalt Strike: C2 channel modified to use HTTP traffic to freegoogleadsenseinfo.com
Footnotes
- Managed Defense Reports are reports provided by FireEye's managed detection and response (MDR) service. FireEye provided reports to MITRE after the completion of the evaluation to mimic what they would produce in a real incident.


Procedure
Empire: C2 channel established using HTTPS traffic to freegoogleadsenseinfo.com

