1. Home
  2. ATT&CK Techniques
  3. T1132.002 Non-Standard Encoding

T1132.002 Non-Standard Encoding Mappings

Adversaries may encode data with a non-standard data encoding system to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a non-standard data encoding system that diverges from existing protocol specifications. Non-standard data encoding schemes may be based on or related to standard data encoding schemes, such as a modified Base64 encoding for the message body of an HTTP request.(Citation: Wikipedia Binary-to-text Encoding) (Citation: Wikipedia Character Encoding)

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1132.002 Non-Standard Encoding
CA-7 Continuous Monitoring Protects T1132.002 Non-Standard Encoding
CM-2 Baseline Configuration Protects T1132.002 Non-Standard Encoding
CM-6 Configuration Settings Protects T1132.002 Non-Standard Encoding
SC-7 Boundary Protection Protects T1132.002 Non-Standard Encoding
SI-3 Malicious Code Protection Protects T1132.002 Non-Standard Encoding
SI-4 System Monitoring Protects T1132.002 Non-Standard Encoding
action.malware.variety.C2 Command and control (C2) related-to T1132.002 Data Encoding: Non-Standard Encoding