Test malware in various execution environments
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Adversary controls the test and defender likely has no visibility.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Adversary can simulate most environments (e.g., variable operating systems, patch levels, application versions) with details available from other techniques.
- Morton Christiansen. (2010, May 7). Bypassing Malware Defenses. Retrieved March 9, 2017.