Skip to content

Hide Navigation Hide TOC

Potential Homoglyph Attack Using Lookalike Characters (32e280f1-8ad4-46ef-9e80-910657611fbc)

Detects the presence of unicode characters which are homoglyphs, or identical in appearance, to ASCII letter characters. This is used as an obfuscation and masquerading techniques. Only "perfect" homoglyphs are included; these are characters that are indistinguishable from ASCII characters and thus may make excellent candidates for homoglyph attack characters.

Cluster A Galaxy A Cluster B Galaxy B Level
Potential Homoglyph Attack Using Lookalike Characters (32e280f1-8ad4-46ef-9e80-910657611fbc) Sigma-Rules Rename System Utilities - T1036.003 (bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b) Attack Pattern 1
Potential Homoglyph Attack Using Lookalike Characters (32e280f1-8ad4-46ef-9e80-910657611fbc) Sigma-Rules Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern 1
Rename System Utilities - T1036.003 (bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b) Attack Pattern Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern 2