Common Information
Type | Value |
---|---|
Value | Non-Standard Encoding - T1132.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may encode data with a non-standard data encoding system to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a non-standard data encoding system that diverges from existing protocol specifications. Non-standard data encoding schemes may be based on or related to standard data encoding schemes, such as a modified Base64 encoding for the message body of an HTTP request.(Citation: Wikipedia Binary-to-text Encoding) (Citation: Wikipedia Character Encoding) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-10-17 | 100 | Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage | ||
Details | Website | 2024-10-02 | 57 | Separating the bee from the panda: CeranaKeeper making a beeline for Thailand | ||
Details | Website | 2024-09-13 | 35 | Stealthy Fileless Attack Targets Attendees Of Upcoming US-Taiwan Defense Industry Event | ||
Details | Website | 2024-05-16 | 23 | Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024 | ||
Details | Website | 2024-04-17 | 90 | Malvertising campaign targeting IT teams with MadMxShell | ||
Details | Website | 2024-04-11 | 24 | Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear | ||
Details | Website | 2023-10-27 | 117 | A cascade of compromise: unveiling Lazarus' new campaign | ||
Details | Website | 2023-10-24 | 36 | Dealing with MITRE ATT&CK®’s different levels of detail | ||
Details | Website | 2023-09-26 | 34 | Analyzing Lu0Bot: A Node.js Malware with Vast Capabilities | ||
Details | Website | 2023-08-13 | 69 | MoustachedBouncer: Belarus-Linked threat group exploit ISPs for AiTM attacks | ||
Details | Website | 2023-06-29 | 98 | PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater | Deep Instinct | ||
Details | Website | 2023-06-14 | 60 | Shampoo: A New ChromeLoader Campaign | HP Wolf Security | ||
Details | Website | 2023-05-30 | 112 | Russia/Ukraine Update - May 2023 | ||
Details | Website | 2023-05-09 | 19 | Hunting Russian Intelligence “Snake” Malware | CISA | ||
Details | Website | 2023-03-28 | 118 | Mélofée: a new alien malware in the Panda's toolset targeting Linux hosts | ||
Details | Website | 2023-01-02 | 47 | Dark Web Profile: MuddyWater APT Group - SOCRadar | ||
Details | Website | 2022-11-16 | 21 | Pilfered Keys Free App Infected by Malware Steals Keychain Data | ||
Details | Website | 2022-11-16 | 20 | Pilfered Keys Free App Infected by Malware Steals Keychain Data | ||
Details | Website | 2022-04-27 | 202 | A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity | WeLiveSecurity | ||
Details | Website | 2022-02-24 | 123 | Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks | CISA | ||
Details | Website | 2022-01-01 | 288 | Shadowpad/technical-indicators at main · SentineLabs/Shadowpad | ||
Details | Website | 2021-04-27 | 236 | Lazarus Group Recruitment: Threat Hunters vs Head Hunters | ||
Details | Website | 2021-03-30 | 57 | APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign | ||
Details | Website | 2021-02-25 | 161 | Lazarus targets defense industry with ThreatNeedle |