EXPLORE
← Back to Explore
T1570

Lateral Tool Transfer

Adversaries may transfer tools or other files between systems in a compromised environment. Once brought into the victim environment (i.e., [Ingress Tool Transfer](https://attack.mitre.org/techniques/T1105)) files may then be copied from one system to another to stage adversary tools or other files over the course of an operation. Adversaries may copy files between internal victim systems to support lateral movement using inherent file sharing protocols such as file sharing over [SMB/Windows Ad...

ESXiLinuxmacOSWindows
23
Detections
3
Sources
19
Threat Actors

BY SOURCE

16elastic6sigma1crowdstrike_cql

PROCEDURES (17)

Process Creation Monitoring3 detections

Auto-extracted: 3 detections for process creation monitoring

Exfiltrat2 detections

Auto-extracted: 2 detections for exfiltrat

Service2 detections

Auto-extracted: 2 detections for service

Anomal2 detections

Auto-extracted: 2 detections for anomal

Suspicious2 detections

Auto-extracted: 2 detections for suspicious

Script Execution Monitoring1 detections

Auto-extracted: 1 detections for script execution monitoring

Remote1 detections

Auto-extracted: 1 detections for remote

General Monitoring1 detections

Auto-extracted: 1 detections for general monitoring

Unusual1 detections

Auto-extracted: 1 detections for unusual

Service1 detections

Auto-extracted: 1 detections for service

File Monitoring1 detections

Auto-extracted: 1 detections for file monitoring

Remote1 detections

Auto-extracted: 1 detections for remote

Lateral1 detections

Auto-extracted: 1 detections for lateral

Lateral1 detections

Auto-extracted: 1 detections for lateral

Ransomware1 detections

Auto-extracted: 1 detections for ransomware

Ransomware1 detections

Auto-extracted: 1 detections for ransomware

Remote1 detections

Auto-extracted: 1 detections for remote

DETECTIONS (23)