Navigation :
Suspicious Domain Name
Description
Triggered when a user visits a suspicious domain name that appears to be algorithmically generated.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Security Monitoring
Category
Command and Control, Endpoint Compromise, Data Exfiltration
Alert Volume
High
(?)SPL Difficulty
None
Journey
Stage 6
MITRE ATT&CK Tactics
Reconnaissance
Initial Access
Command and Control
MITRE ATT&CK Techniques
Dynamic Resolution
Phishing for Information
Spearphishing Link
Commonly Used Port
Application Layer Protocol
Domain Generation Algorithms
Spearphishing Link
MITRE Threat Groups
APT41
Data Sources
DNS
Web Proxy