Data Encoding: Non-Standard Encoding (T1132.002)

Tactic: Command and Control · Platforms: ESXi, Linux, macOS, Windows

The interactive view maps 1 detection strategy, 1 mitigation, 1 threat group, 17 software entries to this technique, alongside D3FEND countermeasures and data-component coverage.

Sub-technique of Data Encoding (T1132).

Overview

Adversaries may encode data with a non-standard data encoding system to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a non-standard data encoding system that diverges from existing protocol specifications. Non-standard data encoding schemes may be based on or related to standard data encoding schemes, such as a modified Base64 encoding for the message body of an HTTP request.

Explore