← Back to Explore
T1505.002
Transport Agent
Adversaries may abuse Microsoft transport agents to establish persistent access to systems. Microsoft Exchange transport agents can operate on email messages passing through the transport pipeline to perform various tasks such as filtering spam, filtering malicious attachments, journaling, or adding a corporate signature to the end of all outgoing emails.(Citation: Microsoft TransportAgent Jun 2016)(Citation: ESET LightNeuron May 2019) Transport agents can be written by application developers an...
LinuxWindows
3
Detections
1
Sources
0
Threat Actors
BY SOURCE
3sigma
PROCEDURES (2)
General Monitoring2 detections
Auto-extracted: 2 detections for general monitoring
Process Creation Monitoring1 detections
Auto-extracted: 1 detections for process creation monitoring