Test callback functionality

Callbacks are malware communications seeking instructions. An adversary will test their malware to ensure the appropriate instructions are conveyed and the callback software can be reached. [1]

ID: T1356

Tactic: Test Capabilities

Version: 1.0

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Adversary controls the test and defender likely has no visibility.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Adversary controls or acquires all pieces of infrastructure and can test outside of defender's visibility.

References

  1. Tony Lee. (2012, December 11). Testing Your Defenses - Beaconing. Retrieved March 9, 2017.