Product: Cisco
Use-Case: Malware
| Rules | Models | MITRE ATT&CK® TTPs | Activity Types | Parsers |
|---|---|---|---|---|
| 2 | 0 | 3 | 1 | 0 |
| Event Type | Rules | Models |
|---|---|---|
| dns-response | T1071 - Application Layer Protocol ↳ A-DNS-MALDOM-RESPONSE: DNS query for blacklisted domain was successful from this asset ↳ A-DNS-DGADOM-RESPONSE: DNS query for DGA domain was successful from this asset T1568 - Dynamic Resolution ↳ A-DNS-DGADOM-RESPONSE: DNS query for DGA domain was successful from this asset T1568.002 - Dynamic Resolution: Domain Generation Algorithms ↳ A-DNS-DGADOM-RESPONSE: DNS query for DGA domain was successful from this asset |