Compression

ATT&CK T1027.015

Adversaries may use compression to obfuscate their payloads or files. Compressed file formats such as ZIP, gzip, 7z, and RAR can compress and archive multiple files together to make it easier and faster to transfer files. In addition to compressing files, adversaries may also compress shellcode directly - for example, in order to store it in a Windows Registry key (i.e., [Fileless Storage](https://attack.mitre.org/techniques/T1027/011)).(Citation: Trustwave Pillowmint June 2020) In order to further evade detection, adversaries may combine multiple ZIP files into one archive. This process of co

Category: Technique, stealth

MITRE ATT&CK: T1027.015

Reference: MITRE ATT&CK T1027.015