Test malware to evade detection
An adversary can run their code on systems that have cyber security protections, such as antivirus products, in place to see whether the code is detected. They can also test their malware on freely available public services. [1]
ID: T1359
Sub-techniques: No sub-techniques
Tactic: Test Capabilities
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Adversary controls the testing and can ensure data does not leak with proper OPSEC on testing.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Adversary has the ability to procure products and not have reporting return to vendors, or can choose to use freely available services.
References
- Damballa Day Before Zero Blog. (2009, December 17). Malware QA and Exploit Testing Services – Virtest.com. Retrieved March 9, 2017.