Remote File Copy
Adversaries leverage the Remote File Copy technique to deploy binaries from a command and control (C2) server to a victim machine or between systems in a compromised environment. As these examples suggest, the technique falls under both the Command and Control and Lateral Movement tactics.
Like certain other techniques on this list, Remote File Copy is a technique of necessity. Adversaries often have to copy files between remote systems if they want to accomplish their objectives. As a result, we see many prominent malware families leveraging Remote File Copy. MITRE ATT&CK lists nearly 200 threat groups and malware samples that use the technique; some prominent examples include:
Astaroth
Bundlore
Dyre
Emotet
njRAT
PlugX
Shlayer
SmokeLoader
TrickBot
WannaCry