← Back to Explore
T1590.001
Domain Properties
Adversaries may gather information about the victim's network domain(s) that can be used during targeting. Information about domains and their properties may include a variety of details, including what domain(s) the victim owns as well as administrative data (ex: name, registrar, etc.) and more directly actionable information such as contacts (email addresses and phone numbers), business addresses, and name servers. Adversaries may gather this information in various ways, such as direct collec...
PRE
2
Detections
2
Sources
1
Threat Actors
BY SOURCE
1sigma1splunk_escu
PROCEDURES (2)
Network Connection Monitoring1 detections
Auto-extracted: 1 detections for network connection monitoring
Process Creation Monitoring1 detections
Auto-extracted: 1 detections for process creation monitoring