SMTP Connection Discovery
September 20, 2023 ยท View on GitHub
| ID | B0014 |
| Objective(s) | Discovery |
| Related ATT&CK Techniques | None |
| Version | 2.1 |
| Created | 1 August 2019 |
| Last Modified | 12 June 2023 |
SMTP Connection Discovery
Malware may test whether an outgoing SMTP connection can be made from the system on which the malware instance is executing to some SMTP server, by sending a test SMTP transaction.
Use in Malware
| Name | Date | Method | Description |
|---|---|---|---|
| Snake | 2004 | -- | Snake attempts to login to an attacker controlled SMTP server before sending information. [1] |
References
[1] https://www.cybereason.com/blog/research/threat-analysis-report-snake-infostealer-malware