Skip to content

T1637 Dynamic Resolution

Adversaries may dynamically establish connections to command and control infrastructure to evade common detections and remediations. This may be achieved by using malware that shares a common algorithm with the infrastructure the adversary uses to receive the malware’s communications. This algorithm can be used to dynamically adjust parameters such as the domain name, IP address, or port number the malware uses for command and control.

Item Value
ID T1637
Sub-techniques T1637.001
Tactics TA0037
Platforms Android, iOS
Version 1.0
Created 05 April 2022
Last Modified 05 April 2022