scp

Linux exfiltration T1048.002

Secure Copy Protocol. Used for file transfer between hosts over SSH — exfiltration, payload staging, or lateral file movement.

Binary Paths

  • /usr/bin/scp
  • /bin/scp

Glob Patterns

Pattern Wildcards Notes
sc?
? Wildcard replaces 'p'
s*p
* Star matches 'c'
s[c]p
[] Bracket class on second char
sc[p]
[] Bracket class on last char
/usr/bin/sc?
? Full path wildcard
/???/bin/scp
? Directory obfuscation

Resources

← Back to Catalog