DNS TOR Proxies (a8322756-015c-42e7-afb1-436e85ed3ff5)
Identifies IPs performing DNS lookups associated with common Tor proxies.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Exfiltration Over Alternative Protocol - T1048 (a19e86f8-1c0a-4fea-8407-23b73d615776) | Attack Pattern | DNS TOR Proxies (a8322756-015c-42e7-afb1-436e85ed3ff5) | Sigma-Rules | 1 |