Skip to content

Hide Navigation Hide TOC

Exfiltration Over Physical Medium (36e0e8c0-ed8c-42b5-8bbf-b7cb322bc26f)

Adversaries may attempt to exfiltrate data via a physical medium, such as a removable drive. In certain circumstances, such as an air-gapped network compromise, exfiltration could occur via a physical medium or device introduced by a user. Such media could be an external hard drive, USB drive, cellular phone, MP3 player, or other removable storage and processing device. The physical medium or device could be used as the final exfiltration point or to hop between otherwise disconnected systems.

Cluster A Galaxy A Cluster B Galaxy B Level
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Exfiltration Over Physical Medium (36e0e8c0-ed8c-42b5-8bbf-b7cb322bc26f) Tidal Technique 1
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Scheduled Transfer (ea0557cd-94bc-48cf-9c3b-293c40986464) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (848e3552-e89d-4981-a5a5-eaf610e6eb37) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (c2fc2776-e674-46ff-8b8d-ecc90b8b1c26) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (c4a8902a-bb87-4be2-bbaf-c40c9ebcbae1) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Exfiltration Over Alternative Protocol (192d25ea-bae1-48e4-88de-e0acd481ab88) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (b27b273b-77e7-4243-8b48-a735857c0708) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Exfiltration Over C2 Channel (89203cae-d3f1-4eef-9b5a-29042eb05d19) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Exfiltration Over Other Network Medium (d8541e2d-6bdd-4ec0-95c4-c0f657502d5f) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (f424dade-21f3-4269-9940-ce64d93b97c4) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (ce886c55-17ab-4c1c-90dc-3aa93e69bdb4) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Exfiltration Over Web Service (66768217-acdd-4b52-902f-e29483630ad6) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (27041aa4-13e7-4d84-b1c7-02047beb5534) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (8b6743e7-e856-5772-8b38-2c002602b365) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (4c34fe8b-ea13-55f9-9a2f-5948e2a2ecca) Unknown 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Data Transfer Size Limits (dc98c882-8fba-4a10-bc6f-43088edb87af) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Automated Exfiltration (26abc19f-5968-45f1-aa1f-f35863a2f804) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Transfer Data to Cloud Account (ab4f22d6-465f-4a16-8a40-693f2234c4ac) Tidal Technique 2
Exfiltration (66249a6d-be4e-43ab-a295-349d03a98023) Tidal Tactic Private Cluster (38cfe608-a7e3-4e4f-9e2d-6a6ab14946f9) Unknown 2