T1588.001: Malware

Sub-technique of T1588

Platforms: PRE

ATT&CK version: 14.1

What it is

Adversaries may buy, steal, or download malware that can be used during targeting. Malicious software can include payloads, droppers, post-compromise tools, backdoors, packers, and C2 protocols. Adversaries may acquire malware to support their operations, obtaining a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors. In addition to downloading free malware from the internet, adversaries may purchase these capabilities from third-party entities. Third-party entities can include technology companies that specialize in malware development, criminal marketplaces (including Malware-as-a-Service, or MaaS), or individuals. In addition to purchasing malware, adversaries may steal and repurpose malware from third-party entities (including other adversaries).

ATT&CK tactics (1)

Resource Development

Sourced from MITRE ATT&CK Enterprise v14.1. Curated and contextualized for EU compliance use cases by Adam Lundqvist, Founder at SQUR.