T1560.003 - Archive via Custom Method
Sub-technique
Tattiche:
Collection
Collection
Piattaforme:
Linux macOS Windows
Linux macOS Windows
Rilevamento:
Not specified
Not specified
Description:
An adversary may compress or encrypt data that is collected prior to exfiltration using a custom method. Adversaries may choose to use custom archival methods, such as encryption with XOR or stream ciphers implemented with no external library or utility references. Custom implementations of well-known compression algorithms have also been used.(Citation: ESET Sednit Part 2)
Usato da Attori (7)
Malware (20)
Stuxnet other
HAWKBALL other
FrameworkPOS other
StrongPity other
NETWIRE other
Machete other
Squirrelwaffle other
Agent.btz other
SombRAT other
FLASHFLOOD other
InvisiMole other
Okrum other
Rising Sun other
Reaver other
Duqu other
FoggyWeb other
T9000 other
SPACESHIP other
BLUELIGHT other
OopsIE other
Metadata
| MITRE ID: | T1560.003 |
| STIX ID: | attack-pattern--143c0cbb-a297-... |
| Piattaforme: | Linux, macOS, Windows |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |