← Back to Explore
T1030
Data Transfer Size Limits
An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.
LinuxmacOSWindowsESXi
6
Detections
3
Sources
5
Threat Actors
BY SOURCE
2elastic2sigma2splunk_escu
PROCEDURES (5)
Bypass2 detections
Auto-extracted: 2 detections for bypass
Exfiltrat1 detections
Auto-extracted: 1 detections for exfiltrat
Exfiltrat1 detections
Auto-extracted: 1 detections for exfiltrat
Process Creation Monitoring1 detections
Auto-extracted: 1 detections for process creation monitoring
General Monitoring1 detections
Auto-extracted: 1 detections for general monitoring
THREAT ACTORS (5)
DETECTIONS (6)
GenAI Process Performing Encoding/Chunking Prior to Network Activity
elasticmedium
Linux Auditd Data Transfer Size Limits Via Split
splunk_escu
Linux Auditd Data Transfer Size Limits Via Split Syscall
splunk_escu
Potential Data Splitting Detected
elasticmedium
Split A File Into Pieces
sigmalow
Split A File Into Pieces - Linux
sigmalow