Data Staged
Adversaries may stage collected data in a central location or directory prior to Exfiltration. Data may be kept in separate files or combined into one file through techniques such as [Archive Collected Data](https://attack.mitre.org/techniques/T1560). Interactive command shells may be used, and common functionality within [cmd](https://attack.mitre.org/software/S0106) and bash may be used to copy data into a staging location.(Citation: PWC Cloud Hopper April 2017) In cloud environments, adversa...
BY SOURCE
PROCEDURES (12)
Auto-extracted: 1 detections for c2
Auto-extracted: 1 detections for credential
Auto-extracted: 1 detections for general monitoring
Auto-extracted: 1 detections for encrypt
Auto-extracted: 1 detections for c2
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for encrypt
Auto-extracted: 1 detections for credential
Auto-extracted: 1 detections for network connection monitoring
Auto-extracted: 1 detections for suspicious
Auto-extracted: 1 detections for persist