Home/ MITRE Matrix/ Command and Control/ T1071.003

T1071.003Mail Protocols

T1071.003 — Mail Protocols is a MITRE ATT&CK technique in the Command and Control tactic. Clankerusecase tracks 5 detection use cases covering it and 2 threat-intel articles citing it.

Command and Control

View on the matrix → Filter Detection Library MITRE official spec ↗

5Use cases

2Articles

0Sub-techniques

1Tactic

↑ Parent technique: T1071 · Application Layer Protocol

Use cases covering this technique (5)

Windows File Transfer Protocol In Non-Common Process Path ESCU actions · hunting P Windows Mail Protocol In Non-Common Process Path ESCU actions · hunting P Windows Multi hop Proxy TOR Website Query ESCU actions · hunting P [LLM] postmark-mcp BCC exfil to giftshop.club Bespoke actions · alerting DSΣPDDCS [LLM] SnakeStealer SMTP Credential Exfiltration to Public Webmail Relays from Non-Mail Client Bespoke actions · alerting DSΣPDDCS

Articles citing this technique (2)

high What MDM can't protect on developer machines (and what to do about it) art-186

crit SnakeStealer: How it preys on personal data – and how you can protect yourself art-736