Jump to content

Question about malware and communication


alan_nala
 Share

Recommended Posts

Hi,

 

I have a question about how malware communicates with a C2.  When a malware beacons or sends data back to a C2 and its done so through HTTP, are those communications done through a browser or at a lower level like a socket where no record in the index.dat or browser history occurs?

 

Thanks,

 

alan

Link to post
Share on other sites

Maybe some unsophisticated malware may use a browser but sophisticated malware will generate the traffic by itself or by an injected process and beacon to the C2.  When the system responds, the data stream and/or the data is encrypted by some methodology.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.